Twitter employees can tweet from any account on ‘GodMode’ as loopholes haven’t been closed after Bitcoin scam hack, former engineer reportedly says


  • Twitter employees can tweet from any account, according to an FTC complaint seen by The Washington Post.

  • The former Twitter engineer responsible for the complaint said it’s called “GodMode” and the company didn’t shut it down after the hack.

  • In 2020, hackers tweeted about a Bitcoin scam from several high-profile accounts after gaining access to internal systems.

Twitter employees can tweet from any account using a program formerly known as “GodMode,” according to a former employee who spoke to congressional staff and The Washington Post.

A complaint filed with the Federal Trade Commission by Whistleblower Aid last October prompted the federal agency to interview former Twitter employees, and a Congressional employee shared the complaint with the newspaper.

The complaint stems from a Twitter breach in July 2020, when teenage hackers got into the company’s internal systems and tweeted from 45 high-profile accounts. The intruders shared links to a Bitcoin wallet, promising to double users’ money, and as much as $120,000 was transferred before Twitter took down the fraudulent tweets. The first tweet was sent from Elon Musk’s account, while the accounts of Apple, Barack Obama and Jeff Bezos were also compromised.

Three people were arrested about two weeks later on charges of electronic fraud and identity theft. At the time, Twitter said the issue had been resolved, but the whistleblower disputed this. According to The Post, the complaint says, “The existence of GodMode is another example of Twitter’s public statements to users and investors being false and/or misleading.”

A former Twitter engineer told The Post that the program was renamed “privileged mode” and its original purpose was to allow Twitter employees to tweet on behalf of advertisers.

While management claimed that access to the powerful tool was cut off after the 2020 hack, any engineer only needs to change a line of code from “false” to “true,” according to the complaint received by The Post.

“They have written to the public and regulators that they have closed all loopholes. That’s a lie,” an insider told The Post.

This latest report follows a complaint filed last July by former Twitter security chief Peiter Zatko, who was also represented by Whistleblower Aid. He joined the company shortly after the 2020 hack and said he discovered Twitter’s “extreme, glaring shortcomings in every area of its mandate.”

Twitter did not immediately respond to Insider’s request for comment.

Read the original article in Business Insider
