Trump Hotels website appears to be under DDoS attack by hackers

News by Rene Millman

Cloudflare protection notification appears on website before homepage, which would appear to indicate that the Trump hotel chain's website is under DDoS attack.

The website for Donald Trump's chain of hotels appears to be under attack from hackers trying to DDoS the website.

According to reports from the Daily Dot, the Trump Hotels website was displaying a notice that it was “Checking your browser before accessing” when visitors tried to access the home page. Such notifications are a strong indication that a site is struggling from a massive amount of traffic that a DDoS attack brings.

The problem was first noticed by Philip Bump, a correspondent for the Washington Post. In a Twitter update, he uploaded an image taken from the website showing a SQL query error that said that “User Trumphotels already has more than ‘max_user_connections' active connections SQL: SELECT id, cname, nativename, code FROM languages. An error has been encountered while accessing the database. Please try again later.”

Another tweet from Bump, showed a screenshot of a Cloudflare notification page checking the user's browser before allowing them to access the website. At the time of writing, the website appears to be functioning normally.

Last year, the Trump Hotels website was attacked twice in a period of six months with criminals managing to infect the hotel's payment systems with malware and steal information on customers visiting between May 2014 and June 2015. 

This has led to the company using Cloudflare to protect its website.

Kyle Wilhoit, security researcher at DomainTools, told SC Magazine that Cloudflare is a service often leveraged by nefarious actor and concerned organizations alike.

“Currently, the Cloudflare loading page is no longer present. However, after looking at the domain in our Iris tool, I noticed IP and Nameserver were still tied to Cloudflare,” he said.

“So, it seems took down their Cloudflare landing page, but are still hosted by Cloudflare. It looks like changed over to using Cloudflare in September of 2016. (Roughly) This means they are still using their services, they just aren't displaying that as outwardly as before."


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews