+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Twitter staff can tweet from any account in 'GodMode' because loopholes weren't closed after Bitcoin scam hack, former engineer reportedly says

Jan 25, 2023, 18:29 IST
Business Insider
Twitter staff can tweet from any account, according to a former employee.Getty Images
  • Twitter staff can tweet from any account, according to an FTC complaint seen by The Washington Post.
  • The ex-Twitter engineer behind the complaint said it was called "GodMode," and the company didn't close it after a hack.
Advertisement

Twitter staff can tweet from any account using a program formerly known as "GodMode," according to a former employee who spoke to congressional staff and The Washington Post.

A complaint filed with the Federal Trade Commission by Whistleblower Aid last October prompted the federal agency to interview former Twitter employees, and a congressional staffer shared the complaint with the newspaper.

It follows a breach of Twitter security in July 2020, when teenage hackers got into the company's internal systems and tweeted from 45 high-profile accounts. The intruders shared links to a Bitcoin wallet, promising to double users' money, and as much as $120,000 was transferred before Twitter removed the scam tweets. The first tweet was sent from Elon Musk's account, while Apple, Barack Obama, and Jeff Bezos were also compromised.

Three people were arrested around two weeks later, with charges including wire fraud and identity theft. At the time, Twitter said the problem had been solved, but the whistleblower disputes this. Per The Post, the complaint says: "The existence of GodMode is one more example that Twitter's public statements to users and investors were false and/or misleading."

The ex-Twitter engineer told The Post that the program's name was changed to "privileged mode," and its original purpose was to let Twitter staff tweet on the behalf of advertisers.

Advertisement

While executives said access to the powerful tool had been cut after the 2020 hack, any engineer only needs to change a line of code from "false" to "true," according to the complaint seen by The Post.

"They put in writing to the public and regulators that they had closed all the loopholes. That's a lie," the whistleblower told The Post.

This latest report follows last July's complaint from Twitter's former head of security, Peiter Zatko, who was also represented by Whistleblower Aid. He joined the company shortly after the 2020 hack, and said he uncovered "extreme, egregious deficiencies by Twitter in every area of his mandate."

Twitter did not immediately respond to Insider's request for comment.

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article