US Army websites defaced in 404 hijacking attack to post messages about Trump
Some accused the President of sexual crimes and being a “thief.”

US President Donald Trump talks to reporters. Alex Wong/Getty Images.
- Hackers defaced two US Army websites with anti-Trump insults and pro-Kurdistan messages by hijacking 404 error pages on WordPress platforms.
- The compromised sites belonged to the Army's AI Integration Center and Open Innovation Lab, both testing facilities for military technology.
- The Army took the websites offline and confirmed they ran on a legacy third-party platform isolated from the main network.
- The breach highlights security gaps in military-adjacent infrastructure and follows a recent Department of Homeland Security data breach disclosure.
Key Takeaways by nexos.ai, reviewed by Cybernews staff.
Two websites of the US Army got hacked earlier this week, displaying pro-Kurdistan comments and insults addressed to President Donald Trump and US Ambassador to Turkey Tom Barrack.
One of the websites belongs to the Army’s Open Innovation Lab, a facility where military, industry, and scientists test and integrate software and cyber capabilities. The test lab was founded in 2020.
The other site is part of the Artificial Intelligence Integration Center, founded in 2019 to integrate AI technology into the Army and train personnel on emerging technologies.
Political messages were displayed on so-called 404 error pages. These pages appear when someone tries to visit a page, but the server is unable to provide it.
Usually, these pages show a blank page with a “404 error not found” status code. This time around, an unknown attacker modified the default message and replaced it with an alternate, political notice.
It said that President Trump is a “pedophile” and a “thief.” The messages also mentioned the US ambassador to Turkey, Tom Barrack, and called for a “free Kurdistan.”
As of writing, it’s unclear how the attackers were able to edit the 404 error pages.
According to Ronald Lovelace, an independent cybersecurity researcher who discovered the defacements, the affected websites run on WordPress. This may mean the attackers used compromised plugins or incorrect server configurations to gain access to the websites’ backends and to rewrite the 404 error message.
Lovelace informed CyberScoop of the defacement. When contacted by the news outlet, the websites were temporarily taken offline. An Army spokesperson said that the pages were hosted on a legacy third-party platform that is not connected to the Army’s enterprise network and have since been removed.
Stay updated with our latest stories and follow us on social media
Be the first to discover new stories, ideas, and updates from our team.
“We are aware of unauthorized defacements on the error pages. Technical teams took immediate action to mitigate the issue, and the affected pages have been secured. The Army takes all cyber incidents seriously and is actively investigating this matter to enforce our strict cyber defense and network security standards,” the spokesperson added.
It remains unclear whether any data was stolen.
Last week, the Department of Homeland Security disclosed a data breach involving an “unclassified legacy information sharing environment.”
Anonymous sources told the media that the breach affected the Home Security Information Network (HNIS), a platform used to share sensitive but unclassified data with partners, including foreign law enforcement, local authorities, and other organizations.