Skip to main content

Rudy Giuliani's Twitter typos are a malware trap! Don't click these

Former NYC Mayor Rudy Giuliani warming up the crowd during a Trump presidential campaign rally in Iowa, September 2016.
Former NYC Mayor Rudy Giuliani warming up the crowd during a Trump presidential campaign rally in Iowa, September 2016. (Image credit: mark reinstein/Shutterstock)

Former New York City Mayor Rudy Giuliani is famous for making mistakes on TV, but it's his mistakes on Twitter than might infect your PC with malware.

The former presidential candidate, now serving pro bono as President Donald Trump's personal attorney, sometimes makes typos when he posts web links on his Twitter feed, which has more than 650,000 followers. On this past Saturday, (Feb. 16), he made three. 

Crooks and pranksters have registered those mangled domain names and had fun with them. Two redirect to benign websites, but the third leads to a potentially malicious browser extension, as Malwarebytes' Jerome Segura wrote in a blog post today (Feb. 19).

Saturday just wasn't a good day for Rudy. He began by posting a long tweet calling financier George Soros "enemy number one of the Republican Party" and an "anarchist." Giuliani implored his followers to "watchrudygiulianics.com Wednesday this week." 

The problem is that Giuliani's personal website is "rudygiulianics.com." There's no "watch" in the URL. But someone registered "watchrudygiulianics.com" and it now redirects to a drug-treatment website.

Not as charming was the link Giuliani posted a couple of tweets later. In that case, he wrote "Rudy Giulianics.com," so only the last part linked to anything. 

Lo and behold, someone registered "Guilianics.com." If you click on that link, it now tries to get you to install a very shady-sounding browser extension that admits it will change your default search engine.

"When you see a domain registered with a Giuliani tweet with malware, that's not good for anybody," Segura told CNET.

Finally, Giuliani retweeted a fan's tweet and added another link to his own website, except that he left out the final "i", resulting in the link being "rudygiuliancs.com." 

Click on that, and you're redirected to the Wikipedia page about the Trump-Ukraine scandal, in which Giuliani plays a central role.

Segura points out that Giuliani, who was briefly President Trump's cybersecurity advisor, has become so famous for making digital gaffes -- Giuliani has butt-dialed reporters from his cell phone at least twice -- that people are counting on him to make mistakes.

"You're kind of relying on the user to make those typos and they happen once in a blue moon, so that's not ideal for attackers," Segura told CNET. "With him, just looking at the last few days, there were multiple occasions where he created links by mistake."