Feb 19, 2020 - Technology

Hackers use Rudy Giuliani's Twitter typos to spread malware

Rudy Giuliani on July 29, 2019
Photo: Jabin Botsford/The Washington Post via Getty Images

Hackers are using misspelled links in Rudy Giuliani's tweets to spread malware, CNET reports.

Why it matters: Giuliani, the former New York mayor and President Trump's personal lawyer, has more than 650,000 Twitter followers — including politicians, journalists and Trump Organization members — all of whom could unknowingly click an incorrect link that exposes them to malware.

How it works: Hackers or cyber trolls, using a technique called "typosquatting," register URLs similar to those of popular websites, hoping that users flub the spelling and visit the fake page, which can contain malicious software or unintended content.

What happened: Giuliani, who advised the Trump administration on cybersecurity, tried to tweet a link to his website, RudyGiulianics.com, on Feb. 16, but included a space after "Rudy."

  • He instead linked to a website that redirects visitors to websites that collect tracking data and leads users to an unsecured website attempting to install adware.
  • Giuliani again tried to link to his website on the same day but forgot the third "i" in his last name. This faulty URL did not contain malware but directed visitors to the Wikipedia entry for the Trump-Ukraine impeachment scandal.

The big picture: It's not the first time Giuliani has faced high-profile issues with technology.

  • He accidentally "butt-dialed" NBC News' Rich Schapiro last year. That incident prompted other reporters to discuss instances in which they received an accidental call from Giuliani.
  • He also visited a Apple Store in 2017 to have an employee unlock his iPhone after forgetting his passcode, reports NBC News. A former FBI special agent told NBC that Giuliani's decision to allow an unknown person to access his phone was "crazy."
Go deeper