Twitter Vulnerability Leads to ‘Shadow Ban’ Exploits, Receives Official CVE

April 6, 2023

A recently discovered vulnerability in Twitter's code enables users to manipulate the platform's algorithm, resulting in 'shadow bans' of specific users. The flaw has now been assigned an official CVE number, CVE-2023-29218, by the MITRE Corporation. Users can exploit this vulnerability by coordinating mass blocking actions from large numbers of accounts, effectively suppressing targeted users from appearing in others' feeds. The issue was first identified by infosec researcher Federico Andres Lois after analyzing Twitter's leaked source code. The bug allows botnet armies to game the algorithm with mass blocks, mutes, abuse reports, spam reports, and unfollows, which can significantly reduce the visibility of specific accounts in Twitter's recommendation engine.

Lois explained in his disclosure, "The current implementation allows for coordinated hurting of account reputation without recourse." He added, "Any other time I would just report this information using a vulnerability channel, but given that this is already popular knowledge there is no use to do so." The MITRE CVE entry elaborated on the issue, stating, "The Twitter Recommendation Algorithm through ec83d01 allows attackers to cause a denial of service (reduction of reputation score) by arranging for multiple Twitter accounts to coordinate negative signals regarding a target account, such as unfollowing, muting, blocking, and reporting, as exploited in the wild in March and April 2023."

The vulnerability has since been discovered by others, leading to a cryptic response from Twitter CEO Elon Musk, who tweeted, "Who is behind these botnets? Million dollar bounty if convicted." The discovery of this flaw raises concerns about the potential for manipulation and censorship on the social media platform. As Twitter continues to address the issue, users are urged to remain vigilant and report any suspicious activity they encounter.

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.