Twitter's GodMode, an internal tool that allowed teenage hackers to tweet from multiple high-profile accounts in 2020, is still accessible by all engineers at the company, according to a whistleblower complaint filed with the Federal Trade Commission (FTC).
Related: The 2009 hacks that led to Twitter settling with the FTC share many parallels with the recent Twitter hacks
The program allows Twitter employees to tweet from any account they wish. In 2020, teenage hackers, led by then-17-year-old Graham Clark, used the program to tweet from high-profile accounts, including Barack Obama, Joe Biden, Bill Gates, and Jeff Bezos.
After the incident, Twitter claimed it had addressed the vulnerabilities that allowed the hackers to have control of the program. However, according to the whistleblower complaint, that is not the case.
The whistleblower, who preferred to stay anonymous to avoid retaliation from the company, said that all engineers have access to the program, now called “PrivilegedMode.” Perhaps more troubling is the allegation that “Twitter does not have the capability to log which, if any, engineers use or abuse,” the tool.
“After the 2020 hack in which teenagers were able to tweet as any account, Twitter publicly stated that the problems were fixed,” the complaint noted, as reported by WaPo. “However, the existence of GodMode is one more example that Twitter's public statements to users and investors were false and/or misleading.”
The whistleblower has raised their concerns with both the House Energy and Commerce Committee and the Senate Judiciary Committee.
The whistleblower told the House Energy and Commerce Committee that they believed the reason the program has not been removed is that it allows Twitter employees to tweet for advertisers who are unavailable to tweet themselves.