Audio By Carbonatix
A cyber-security researcher has exploited a glitch on the CIA's official Twitter account, to hijack a channel used for recruiting spies.
The US Central Intelligence Agency (CIA) account on X, formerly known as Twitter, displays a link to a Telegram channel for informants.
But Kevin McSheehan was able to redirect potential CIA contacts to his own Telegram channel.
"The CIA really dropped the ball here," the ethical hacker said.
The CIA is a US government organisation known for gathering secret intelligence information, often over the internet, from a vast network of spies and tipsters around the world
Its official X account, with nearly 3.5 million followers, is used to promote the agency and encourage people to get in touch to protect US national security.
Biggest fear
Mr McSheehan, 37, who lives in Maine, in the US, said he had discovered the security mistake earlier on Tuesday.
"My immediate thought was panic," he said.
"I saw that the official Telegram link they were sharing could be hijacked - and my biggest fear was that a country like Russia, China or North Korea could easily intercept Western intelligence."
At some point after 27 September, the CIA had added to its X profile page a link - https://t.me/securelycontactingcia - to its Telegram channel containing information about contacting the organisation on the dark net and through other secretive means.
The channel said, in Russian: "Our global mission demands that individuals be able to reach out to CIA securely from anywhere," while warning potential recruits to "be wary of any channels that claim to represent the CIA".
But a flaw in how X displays some links meant the full web address had been truncated to https://t.me/securelycont - an unused Telegram username.
As soon as Mr McSheehan noticed the issue, he registered the username so anyone clicking on the link was directed to his own channel, which warned them not to share any secret or sensitive information.
"I did it as a security precaution," he said.
"It's a problem with the X site that I've seen before - but I was amazed to see the CIA hadn't noticed."
The CIA did not reply to a BBC News request for comment - but within an hour of the request, the mistake had been corrected.
Latest Stories
-
We must protect our own – Adutwum spokesperson calls for Ashanti solidarity
21 minutes -
FDA shuts down 7 Foreign shops in Kumasi over unapproved, foreign-labelled products
29 minutes -
13 arrested as Central East Police crack down on crime in Senya Beraku enclave
35 minutes -
Kumasi residents raise alarm over poor street lighting ahead of Christmas
1 hour -
Police swoop in Kintampo nabs 13 in drug bust, seizes cannabis and tramadol
1 hour -
Activist urges stronger border security, environmental protection, and accountability
1 hour -
Let’s be more intentional about our unity than they were about our division – Mahama to diaspora
2 hours -
Former Jasikan MCE quits as Bryan Acheampong’s coordinator; declares support for Bawumia
2 hours -
2025 Diaspora Summit: Ablakwa calls for concrete action on reparations
2 hours -
Police crack down on drug trafficking in Tamale, arrest 4 and seize illicit substances
2 hours -
Egg-citing deals as The Multimedia Group’s X’mas Egg Market sells out on Day 1, returns tomorrow
3 hours -
NPP Primaries: Electoral Area Coordinators in Yunyoo, Chereponi and Saboba declare support for Bawumia
3 hours -
Revocation of L.I. 2462 step in the right direction – Lands Ministry Spokesperson
4 hours -
Afeku urges creation of world-class hospitality training school in Volta Region
4 hours -
Ghana’s unemployment rate eases slightly to 13.0% in 2025 third quarter
4 hours