Date: 2023-10-18

A cybersecurity researcher has exposed a major vulnerability in the Central Intelligence Agency's (CIA) official X account. The flaw in the social media platform formerly known as Twitter allowed the ethical hacker to infiltrate a recruitment channel used by the CIA to connect with potential informants.

The CIA, which specialises in gathering covert intelligence, often relies on an extensive network of spies and tipsters worldwide. Many of them are recruited through the internet.

To maintain its presence and encourage people to contribute to US national security, the CIA operates its official X account, which boasts nearly 3.5 million followers. This platform serves as a promotional tool and an avenue for engaging with potential recruits.

Sometime after September 27, 2023, the CIA's X account included a link to a Telegram channel intended for people interested in contacting the agency via the dark net and other discreet methods.

Exploiting the glitch

However, an unforeseen glitch in how X displayed certain links led to the truncation of the web address.

Instead of directing users to the intended Telegram channel, the link appeared as https://t.me/securelycont, which inadvertently pointed to a Telegram username that was still available. Seizing this opportunity, cybersecurity researcher Kevin McSheehan registered the username.

McSheehan redirected users clicking on the truncated link to his own Telegram channel, where he issued a warning against sharing confidential or sensitive information.

His actions were motivated by a concern for security and a desire to raise awareness of the recurring glitch, which he had previously observed on the X platform. The CIA appeared to have been oblivious to this vulnerability, a lapse that McSheehan found astonishing.

Within an hour of the inquiry, the error was rectified, and the link was corrected.