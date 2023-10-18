A cyber-security researcher has discovered a security flaw on the CIA’s official Twitter account that allowed him to hijack a channel used for recruiting spies. The CIA, a US government intelligence organization known for gathering secret information, has an official Twitter account with nearly 3.5 million followers. This account promotes the agency and encourages people to get in touch to protect US national security.

Kevin McSheehan, an ethical hacker, noticed a security mistake on the CIA’s Twitter account. The account displayed a link to a Telegram channel for informants. However, McSheehan was able to redirect potential CIA contacts to his own Telegram channel exploiting a flaw in how Twitter displays links.

McSheehan expressed his concern that a country like Russia, China, or North Korea could easily intercept Western intelligence due to this security vulnerability. He took quick action and registered the truncated web address that was displayed on the CIA’s Twitter account. Anyone who clicked on the link was redirected to his own channel, which warned against sharing secret or sensitive information.

This security flaw was a problem with the Twitter website that McSheehan had noticed before, but he was surprised that the CIA had not noticed it. The CIA has not responded to requests for comment. However, within an hour of a news outlet’s request for comment, the security mistake was corrected.

It is crucial for government organizations to constantly monitor and address security vulnerabilities to protect sensitive information. The incident highlights the importance of ongoing vigilance and testing for security flaws, even for organizations that specialize in intelligence gathering and cyber security.

Source: BBC News