Twitter Vulnerability Leads to ‘Shadow Ban’ Exploits, Receives Official CVE
April 6, 2023
A recently discovered vulnerability in Twitter's code enables users to manipulate the platform's algorithm, resulting in 'shadow bans' of specific users. The flaw has now been assigned an official CVE number, CVE-2023-29218, by the MITRE Corporation. Users can exploit this vulnerability by coordinating mass blocking actions from large numbers of accounts, effectively suppressing targeted users from appearing in others' feeds. The issue was first identified by infosec researcher Federico Andres Lois after analyzing Twitter's leaked source code. The bug allows botnet armies to game the algorithm with mass blocks, mutes, abuse reports, spam reports, and unfollows, which can significantly reduce the visibility of specific accounts in Twitter's recommendation engine.
Lois explained in his disclosure, "The current implementation allows for coordinated hurting of account reputation without recourse." He added, "Any other time I would just report this information using a vulnerability channel, but given that this is already popular knowledge there is no use to do so." The MITRE CVE entry elaborated on the issue, stating, "The Twitter Recommendation Algorithm through ec83d01 allows attackers to cause a denial of service (reduction of reputation score) by arranging for multiple Twitter accounts to coordinate negative signals regarding a target account, such as unfollowing, muting, blocking, and reporting, as exploited in the wild in March and April 2023."
The vulnerability has since been discovered by others, leading to a cryptic response from Twitter CEO Elon Musk, who tweeted, "Who is behind these botnets? Million dollar bounty if convicted." The discovery of this flaw raises concerns about the potential for manipulation and censorship on the social media platform. As Twitter continues to address the issue, users are urged to remain vigilant and report any suspicious activity they encounter.
Latest News
- 80,000 QNAP Devices Exposed to Cyberattacks Due to Zero-Day Vulnerabilities
- Lazarus Group Suspected in 3CX Breach as Second-Stage Backdoor Discovered
- CISA Issues Warning on Zimbra Bug Exploited in NATO Country Attacks
- 3CX Supply Chain Hack: Europe, North America, and Australia Most Affected
- 10-Year-Old Windows Vulnerability Exploited in 3CX Attack
Like what you see?
Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.