Posted on 02/13/2022 7:12:27 PM PST by MercyFlush
The https://givesendgo.com/ main page is currently compromised and redirecting traffic to a video at https://givesendgone.wtf/
The page is allowing the download of a .csv file that has the names and donation amounts made to the Canadian Freedom Convoy. (I have a copy of it)
If you download the file open it as a text file or in Wordpad - I recommend against opening it in Excel in case there are malicious macros embedded in it.
The video at "givesendgone" has a sample from the Frozen movie overlaid with a screed against the truckers which I will partly transcribe and post in the comments.
After the screed is posted a list of the major donors to the Freedom Convoys, the amounts they donated, and their email addresses.
As for the hacker’s skill levels re my comment, the Hildebeast tends to hire some real hacks. :)
As for the doxxing, I donated through GiveSendGo and, as long as they don’t have my full CC info, I don’t care if my identity is revealed.
Would be good to get a subpoena for those DNS log files.
Same for me. C’mon over and tell me why I should t be allowed to give money to whoever I choose.
The list has been validated by at least one FReeper who is on the list.
https://freerepublic.com/focus/chat/4037803/posts?page=485#485
That’s what I was implying....I should’ve made it more clear ;-)
They need to publicly address what happened today.
I'm sure they are PCI compliant, which is good.
Yet another attack taking place as I type, to a different domain.
I’m always ready to dance. :)
Seems normal. ?
thx
Not from where I'm at.
Pretty poor security for a site that will clearly be targeted.
Redirecting to a disgusting Russian domain.
So far they have not posted anything. Last post was 11 hours ago.
They have a decent setup against DDOS - utilizing CloudFlare and WAF.
I'll cut them some slack on that - but they need to bring in outside professionals if they can't stem the attacks with their own staff.
“Pretty poor security for a site that will clearly be targeted.”
I hate to say but it’s typical behavior from too many Christian organizations to be lazy about security.
My church for years was lax about locking the doors. Then $150,000 in audio-visual kit walked out an open door one day.
Now the doors are locked.
Nothing like locking the doors after the thieves leave.
Someone either penetrated Givesendgo to get the donor list or some lazy coding allowed the data to be scraped from the site.
I doubt it - but if it's true that they could access a donor list view through poor security practices then GiveSendGo will have completely lost credibility.
I hope that's not the case. I really do.
They are likely to try to use this info to get people fired by their corporate masters. Like me.
Ok, should I be cancelling my plastic tomorrow first thing?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.