Cyber Threat Actor: Hack for Trump
| Actor Type | Location | Known Incidents |
Hacker
|
United States of America
|
2 incidents |
|---|
Profile
Hack for Trump, also known as New World Hacking, is a threat actor that has been publicly identified as operating from the United States of America and using two distinct aliases in its activities. The group first came to attention in 2015 when it identified itself as “Hack for Trump” in a ransom demand against a financial institution, claiming to have compromised the institution’s website and threatening to release stolen data unless a $30,000 payment was made. In 2016 the same collective, operating under the name New World Hacking, described itself as linked to the broader Anonymous movement and carried out a distributed denial‑of‑service (DDoS) attack against the websites and email servers of the United States space agency NASA as part of an operation it called Operation Censorship. These incidents show that the actor has targeted both government‑related space infrastructure and private financial entities, employing disruption tactics such as DDoS flooding and data‑theft extortion as its primary methods. The actor’s stated objectives have included political disruption, as it claimed the NASA attack was preparation for a planned cyber campaign against Donald Trump’s election efforts, and financial gain, as demonstrated by the ransom demand made to the financial institution. No specific malware families, exploit kits, or advanced tooling are mentioned in the publicly available sources; the described techniques rely on volumetric network attacks and unauthorized web‑site access followed by threats to expose allegedly stolen data. Attribution information is limited to the group’s self‑declared connection to Anonymous for the New World Hacking persona, with no evidence of state sponsorship or membership in a larger criminal consortium presented in the open‑source reporting.
The most notable campaigns attributed to this actor are the 2016 DDoS operation against NASA’s online services, during which the group asserted it had disrupted the agency’s primary website and email servers while providing only unspecified evidence of impact, and the 2015 extortion incident involving Fidelity Group, where the actors claimed to have obtained detailed information from the compromised website and communicated their ransom demand to media outlets. In both cases the actors used public statements to amplify the perceived effect of their actions, with the NASA incident framed as part of a broader Operation Censorship aimed at alleged information suppression regarding ISIS, and the financial incident centered on a monetary extortion scheme. No further publicly reported operations involving these aliases have been documented in the sources provided, leaving the described events as the confirmed examples of the actor’s activity. The available information does not allow conclusions about the actor’s size, sophistication, ongoing capabilities, or any additional targets beyond those explicitly mentioned.
