CIA's X (formerly Twitter) account was hijacked due to a technical glitch
A troubling disclosure has surfaced at a time when the protection of cyber assets is of utmost importance: a cybersecurity expert recently discovered a security loophole on the CIA's official account on X, the platform previously known as Twitter.
This allowed him to take control of a channel that is used for recruiting spies. The US Central Intelligence Agency (CIA) has included a link in its X bio that is intended to guide informants to the messenger app Telegram. Unfortunately, due to an error in how the URL was displayed, Kevin McSheehan, an ethical hacker, redirected potential CIA contacts to his own Telegram channel.
Despite the growing occurrence of social media scams and fraudulent activities, McSheehan was amazed at how effortlessly this hijack could be carried out without being detected by the government organization.
In an effort to improve its intelligence-gathering capabilities around the world, the CIA launched a Telegram channel earlier this year. This platform provides individuals in countries with limited access to social or independent media with a means of sharing information and contact methods with the agency.
The link for this Telegram channel was included in the official bio of the CIA's X account, which has nearly 3.5 million followers. Unfortunately, URL truncation led McSheehan to identify a significant security flaw that could have been exploited by hostile nations seeking access to Western intelligence.
Upon discovery, he noticed that the official Telegram link they were sharing could be hijacked, and the biggest concern was that a nation such as Russia, China or North Korea could intercept Western intelligence without difficulty. The CIA really made an error here.
A Familiar Functional Flaw
Towards the end of September this year, the CIA added its Telegram link (https://t.me/securelycontactingcia) to its profile. However, it was displayed on social media as (https://t.me/securelycont), which at that time was an unused Telegram username.
McSheehan quickly registered the username, resulting in anyone who clicked on the link being redirected to his own Telegram channel. He added a message there advising users against sharing sensitive or confidential information.
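A check an account owner could run after publishing a profile link, given here as an added example that is not part of the original article: it compares the Telegram handle in the intended URL with the handle in the link as the platform actually renders it. The function names and the way the rendered href and text are obtained are assumptions; the two URLs are the ones quoted above, and the ellipsis case in the usage below is constructed.

```python
from urllib.parse import urlparse

def telegram_handle(url):
    """Return the lowercase t.me username in url, or None if it is not a t.me link."""
    # Displayed link text often omits the scheme, so add one before parsing.
    parsed = urlparse(url if "://" in url else "https://" + url)
    if parsed.hostname != "t.me":
        return None
    handle = parsed.path.strip("/").split("/")[0]
    return handle.lower() or None

def audit_profile_link(intended_url, rendered_href, rendered_text):
    """Compare the link we meant to publish with what the profile shows.

    rendered_href is where a click goes; rendered_text is what a reader sees
    and may copy by hand. A handle that is a strict prefix of the intended one
    is a different Telegram username that anyone may be able to register.
    """
    want = telegram_handle(intended_url)
    if want is None:
        raise ValueError("intended_url is not a t.me link")
    findings = []
    href = telegram_handle(rendered_href)
    if href != want:
        # Clicks land on another handle: the case described in the article.
        truncated = bool(href) and want.startswith(href)
        findings.append("href-truncated" if truncated else "href-mismatch")
    # Drop a trailing ellipsis that a UI may append to shortened text.
    text = telegram_handle(rendered_text.rstrip("…."))
    if text != want:
        truncated = bool(text) and want.startswith(text)
        findings.append("text-truncated" if truncated else "text-mismatch")
    return findings

if __name__ == "__main__":
    intended = "https://t.me/securelycontactingcia"
    # Both the click target and the visible text were cut short.
    print(audit_profile_link(intended, "https://t.me/securelycont", "t.me/securelycont"))
    # Constructed case: click target intact, only the visible text shortened.
    print(audit_profile_link(intended, intended, "t.me/securelycont…"))
```

An `href-truncated` finding means clicks already resolve to a different username, so the link should be removed or corrected immediately; a lone `text-truncated` finding still matters because readers may type the visible text by hand.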
He stated: "I did it for security reasons. It's an issue with X site that I've seen before but I'm surprised that the CIA didn't notice."
Restoring Normalcy to Telegram URLs
The CIA has now rectified its mistake by displaying its correct Telegram URL; however, questions remain regarding how such a simple error could have occurred.
McSheehan concluded: "It was a perfect storm for something serious to happen, potentially undetected for some time if a perfect replica of the CIA channel had been produced."
The Agency's official Telegram channel shares content in both English and Russian, emphasizing its global mission while urging potential informants to be vigilant about channels claiming association with the CIA.