Hackers have defaced the campaign website of U.S. President Donald Trump to briefly promote a scam trying to get donations in the privacy-centric cryptocurrency Monero (XMR). It’s unclear whether any donations were made.

The defacement, according to the New York Times, latest less than 30 minutes and was first spotted by Gabriel Lorenzo Greschler, a journalist at the Jewish News of Northern California who was researching an article on climate change at the time.

The defacement comes as both Trump’’s campaign and that of his opponent, Joseph Biden, are on high alert for digital interference ahead of the Presidential election next week. Tim Murtaugh, a spokesman for the Trump campaign, confirmed the website was defaced and added the campaign is “working with law enforcement authorities” to investigate the attack’s source.

He added that there was no exposure to sensitive data “because none of it is actually stored on the site.” The website has since been restored. The defacement saw the hackers claim to have compromised “multiple devices” that gave them access to the “most internal and secret conversation” of the U.S. president.

They claimed, without proof, this access included classified information that tied the Trump administration to the origins of the coronavirus and to cooperation with “foreign actors manipulating the 2020 elections.”

They then asked for Monero donations from website visitors to one of two funds – one asking to share the data, and another asking to not share it – as a “vote.” It added that “after the deadline” the funds would be compared and the “will of the world” would be executed. It’s worth noting no deadline was specified.

The hackers posted an encryption key that would later be used to verify whatever information they posted was from the same group that defaced the website. The key, The New York Times writes, corresponded to an email address at a non-existent website.

Cybersecurity experts claim the incident could have been caused through a phishing scheme that tricked a website administrator into handing over credentials, or by redirecting the campaign website to the hackers’ server.

Featured image via Unsplash.