Last Updated on August 23, 2022
Peiter “Mudge” Zatko, a software engineer and well-known “ethical hacker,” has claimed that Twitter is a national security risk. Zatko — who became well known in the hacker community after leading a 1990s-era group called “Cult of the Dead Cow” — was previously hired by Twitter to overhaul its cybersecurity after a series of embarrassing glitches. The cybersecurity expert believes Twitter presents a grave threat to national security after the tech giant reneged on a deal with the federal government to set up a system that adequately protects user data, the New York Post reported.
Zatko was named head of security by Twitter two years ago after a series of high-profile hacks. Accounts belonging to major figures in business and politics, including Joe Biden, Kanye West, Barack Obama and Jeff Bezos, were hacked in an effort to defraud their followers of Bitcoin.
“Feeling greatful, doubling all payments sent to my BTC address!,” the affected accounts tweeted, misspelling the word grateful. “You send $1,000, I send back $2,000! Only doing this for the next 30 minutes.”
A British man was eventually charged in connection with the hacks, while a number of others have been brought up on similar charges. The DOJ said 22-year-old Joseph O’Connor was arrested in Estepona, Spain, after US authorities charged him in connection with the July 2020 hacking of more than 130 high-profile accounts.
In 2020, an analysis by a cryptocurrency compliance firm found that the scammers took more than $100,000 worth of bitcoin.
Breaking: Joe Biden’s twitter account has been hacked, promoting a bitcoin scam. pic.twitter.com/g1qA62MnI1
— PM Breaking News (@PMBreakingNews) July 15, 2020
Zatko was named head of security by Twitter not long after the hacks, though he now holds serious doubts about the company’s security.
In a filing with the federal government that was first obtained by the Washington Post and CNN, Zatko alleges that Twitter has failed to adhere to a deal with the Federal Trade Commission to plug the cybersecurity holes that led to the hacks. Zatko accused the tech giant of failing to upgrade its server infrastructure, most of which he says is out of date — thus leaving it vulnerable to severe breaches.
He also said Twitter’s failure to safeguard the data of its 238 million users — which includes heads of state, Pentagon officials and members of the intelligence community — constitutes a grave national security threat. Twitter often fails to track user data even when accounts are deleted, Zatko alleges, which is a violation of the pledge the company made to the FTC more than a decade ago.
Zatko was fired earlier this year after flagging these issues, he alleges.
The famed hacker turned cybersecurity expert also seemed to back Elon Musk’s assertions about the company’s dishonesty regarding automated “bot” accounts. His complaint alleges that there is a financial incentive for the company to artificially inflate follower counts and engagement with bot accounts as opposed to cracking down. Elon Musk has repeatedly accused Twitter of underreporting its bot numbers as he seeks a way out of his $44 million takeover offer.
The complaint claims that Twitter’s C-suite could be paid bonuses worth up to $10 million if they boosted user counts, incentivizing them to ignore the site’s widespread issue with spam accounts, according to the New York Post. “Twitter executives have little or no personal incentive to accurately ‘detect’ or measure the prevalence of spam bots,” read the complaint. “Senior management had no appetite to properly measure the prevalence of bot accounts… they were concerned that if accurate measurements ever became public, it would harm the image and valuation of the company.”