Twitter Engineers Can Tweet as any Account Using ‘GodMode’ Claims Whistleblower

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer


According to The Washington Post, a new Twitter whistleblower has come forward, corroborating last year's alarming evidence about the poor state of the company's privacy protections and alleging that the company continues to break the law under its new owner, Elon Musk.

Three months after Musk's takeover, the former employee told members of Congress and staff of the Federal Trade Commission (FTC) that any Twitter engineer could activate an internal program known as "GodMode" and tweet from any account.

Reports say the FTC, which is still speaking with former employees, received the complaint in October from the nonprofit law firm Whistleblower Aid.

A 2020 incident in which teenagers broke into Twitter's internal systems and tweeted as Elon Musk, Barack Obama and others raised worries about the platform's security. At the time, Twitter management claimed the weaknesses had been fixed; the whistleblower disputes that.

“After the 2020 hack in which teenagers were able to tweet as any account, Twitter publicly stated that the problems were fixed,” reads the complaint. 

“However, the existence of GodMode is one more example that Twitter’s public statements to users and investors were false and/or misleading.”

“Our client has a reasonable belief that the evidence in this disclosure demonstrates legal violations by Twitter,” the new complaint says.

After meeting with the House Energy and Commerce Committee and the FTC earlier, the whistleblower spoke with members of the Senate Judiciary Committee on Friday. Due to threats and harassment directed at other former employees, the whistleblower talked to The Post under the condition of anonymity.

The new whistleblower claimed that developers changed the program’s name to “privileged mode” in response to internal complaints about it. 

Notably, according to the whistleblower, the program was created so that Twitter staff could tweet on behalf of advertisers who were unable to do so themselves.

The whistleblower said he was inspired to come forward by last year's testimony of Peiter Zatko, the former Twitter security head whose sweeping claims The Post made public in August.

According to Zatko, poor access controls were one of many ways Twitter was violating its 2011 FTC consent decree, which followed serious breaches. Zatko had been hired by then-CEO Jack Dorsey after the 2020 incident and was later fired by Parag Agrawal, who succeeded Twitter co-founder Dorsey as CEO.

Under that decree, Twitter had agreed to establish a "comprehensive information security program that is reasonably designed to protect the security, privacy, confidentiality, and integrity of nonpublic consumer information" in response to an FTC complaint alleging that far too many of its employees had access to internal systems and user data.

Reports say another engineer asserted that GodMode was still freely accessible. According to the new complaint, that assertion prompted Twitter to reopen the matter, and the review found that engineers could also delete or restore anyone's tweets, something regular Twitter users cannot do.

The whistleblower further asserts that Twitter is unable to track who, if anyone, uses or abuses any of these special privileges.

“The new whistleblower complaint says the GodMode code remains on the laptop of any engineer who wants it. All they would have to do is change a line of the code from FALSE to TRUE and run it from a production machine that they could reach through an easily accessible communications protocol known as SSH,” reads The Post report.

The capitalized comment “THINK BEFORE YOU DO THIS” also appears on the line of the program where a GodMode user can delete tweets. Images of electronic conversations between the whistleblower and his former coworkers are included in the complaint as well.
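The pattern described above, a privileged code path guarded only by a boolean in the caller's own copy of the code and a comment asking them to think first, is the opposite of what an access-control design should look like. The following is an added illustration written for this page; it is not Twitter's code and is not taken from the complaint. It places that weak pattern beside a hardened version in which the service, not the caller, decides who may post on whose behalf, derives that decision from delegation records the caller cannot edit (the "advertiser who cannot post themselves" case the complaint cites), requires a justification, and records every attempt, denied ones included, so that use and abuse are traceable. All service, account and actor names are hypothetical.

```python
"""Added illustration (editor's example, not Twitter code, not from the complaint).
Contrasts a privilege gated by a caller-controlled flag with server-side
enforcement plus an audit trail. All names below are hypothetical."""
from dataclasses import dataclass
from datetime import datetime, timezone

# Pattern A (weak): the decision lives in the caller's copy of the code.
PRIVILEGED_MODE = False  # flip to True and re-run: nothing else stands in the way


def post_as_weak(actor: str, target: str, text: str,
                 privileged: bool = PRIVILEGED_MODE) -> dict:
    """Posts as `target`. The only guard is a flag the caller controls, and no
    record of who used it is kept anywhere."""
    if actor != target and not privileged:
        raise PermissionError(f"{actor} may not post as {target}")
    return {"author": target, "text": text}


# Pattern B (hardened): policy and audit trail are enforced by the service.
@dataclass(frozen=True)
class AuditEvent:
    at: str             # ISO-8601 timestamp, UTC
    actor: str          # authenticated identity of the staffer making the call
    target: str         # account acted upon
    action: str
    justification: str  # ticket or reason supplied by the actor
    allowed: bool       # outcome of the server-side decision


class PostingService:
    """Holds delegation records server-side: target account -> set of actors
    that account has explicitly authorised to post on its behalf (for example
    an advertiser's support contact). No caller-supplied flag takes part in
    the decision; the caller cannot widen its own permissions."""

    def __init__(self, delegations: dict[str, set[str]]):
        self._delegations = delegations
        self.audit_log: list[AuditEvent] = []

    def _record(self, actor: str, target: str, action: str,
                justification: str, allowed: bool) -> None:
        self.audit_log.append(AuditEvent(
            at=datetime.now(timezone.utc).isoformat(),
            actor=actor, target=target, action=action,
            justification=justification, allowed=allowed))

    def post_as(self, actor: str, target: str, text: str,
                justification: str = "") -> dict:
        own_account = actor == target
        delegated = actor in self._delegations.get(target, set())
        # Acting on someone else's account needs both a standing delegation
        # and a stated reason; neither comes from a flag in the caller's code.
        allowed = own_account or (delegated and bool(justification.strip()))
        # Every attempt is logged, denied ones included, so misuse is traceable.
        self._record(actor, target, "post", justification, allowed)
        if not allowed:
            raise PermissionError(f"{actor} may not post as {target}")
        return {"author": target, "text": text,
                "on_behalf_by": None if own_account else actor}


if __name__ == "__main__":
    # Weak pattern: any engineer who edits the flag posts as anyone.
    print(post_as_weak("eng1", "ceo", "hello", privileged=True))
    # Hardened pattern: only a delegated actor, with a reason, and it is logged.
    svc = PostingService({"advertiser_x": {"support1"}})
    try:
        svc.post_as("eng1", "ceo", "hello")
    except PermissionError as exc:
        print("denied:", exc)
    print(svc.post_as("support1", "advertiser_x", "promo", justification="ticket 4711"))
    for event in svc.audit_log:
        print(event)
```

The point of the contrast is where the decision is made and whether it leaves a trace: in the weak version the "authorization" is a constant compiled into whatever copy of the code an engineer runs, so there is nothing for the service to check and nothing to audit; in the hardened version the permission comes from data the caller cannot edit, is scoped to accounts that opted in, and every call produces an audit record that an investigator could query afterwards.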

“It is not true that: a. ‘access to these tools is strictly limited’ b. ‘[w]e have zero tolerance for misuse of credentials or tools,’” Zatko’s complaint said.

Twitter claimed that security had been strengthened after Zatko's departure and before Musk's takeover. However, several recently fired security staff told The Post in interviews that under Musk things had grown significantly worse.

Those former employees also spoke on the condition of anonymity, citing the turmoil surrounding Musk's leadership, during which the company's headcount has fallen from about 7,500 to fewer than 2,000.

If the FTC concludes that the company has repeatedly violated the consent decree, several people who have been in regular contact with the agency say it is likely to seek a penalty of $1 billion or more.
