US government organization, CIA (Central Intelligence Agency) official Twitter(X) account was recently compromised by an Ethical Hacker (Good intent), through exploiting a glitch on twitter (X). In a disclosed article it was noted that the official account of the CIA displayed a telegram link to a channel for informants. However, the link had some inconsistency.
The cybersecurity researcher outsmarted the Agency, and was able to redirect potential CIA contacts to his own Telegram Channel. In his statement he said:
“The CIA really dropped the ball here.”
The CIA, a US government agency, is known for actively gathering secret intelligence worldwide through the internet, trusted allies, and spies. The compromised Twitter account (X) boasts over 3.5 million followers.
THE DISCOVERY WHAT HAPPENED NEXT:
Sources at bbc.com report that Mr. McSheehan (37), residing in Maine, United States (US), revealed he spotted the security glitch on Tuesday.
He commented saying:
“My immediate thought was panic. I saw that the official Telegram Link, they were sharing could be hijacked, and my biggest fear was that a country like Russia, China, or North Korea could easily intercept Western intelligence.”
Discovery shows that at a certain point in September (27 September, 2023), the CIA had added a telegram link (https://t.me/securelycontactingcia) to its X-profile page, which contains channels and medium to reachout to the CIA on the darknet or through other confidential means.
The channel which was written in Russian translated to:
“Our global mission demands that individuals be able to reachout to CIA securely from anywhere, and be wary of any channels that claim to represent the CIA.”
The Security flaw which was discovered on twitter(X), displays a link partly, an indicator that the full address has been truncated to https://t.me/securelycont.
On checking the URL, it was discovered to be associated with an unused telegram username. Mr McSheehan stated that immediately he noticed it, he quickly registered the username, and disclosed in the channel that sensitive information or secrets shouldn’t be reported.
He narrated that:
“I did it as a security precaution. It’s a problem with X site, that I’ve noticed before-but I was amazed to see the CIA hadn’t noticed.”
However within an hour of the incidence, the CIA quickly remediate the issue.
Please do let us know in the comment section what are your thoughts about this.