Twitter and Elon Musk have both subpoenaed whistleblower Peiter Zatko, Twitter’s ex-head of security. Credit: Washington Post

Decades later, after years spent improving the cyber defences of the White House and some of the world’s biggest technology companies, Mudge, an “ethical hacker”, has been thrust into the centre of Elon Musk’s $US44 billion takeover battle for Twitter.

Musk, the billionaire behind Tesla and SpaceX, is attempting to walk away from a takeover deal for the social network. Twitter has in turn sued Musk to force him to go through with his $US54.20 per share offer.

The billionaire alleges that the deal with Twitter is void owing to misleading statements made by the social network about the number of bots, or fake accounts, on its site. Musk and Twitter are due to go to court on October 17 with the spotlight on its former security chief’s explosive claims, but Musk has moved to delay the trial after Zatko’s claims.

Among Zatko’s most damaging complaints are that Twitter had been infiltrated by foreign government agents. The ethical hacker claims that Twitter had come under pressure from India, Russia and Nigeria “with varying degrees of success” to hire local employees that could be “used as leverage” against the social network. He claimed that in India, Twitter was forced to hire “government agents” who would have access to user data.

The security engineer also claims Twitter became reliant on Chinese money for revenues. In a separate case, Saudi Arabia was accused of spying on Twitter using one of its employees.

In parallel, Zatko, who was until January Twitter’s head of security, has been building a whistleblowing case against the social network, alleging weak security practices and a risk that foreign spies have infiltrated the company. The hacker’s claims were revealed last week after he submitted them to US politicians and regulators.

Zatko, who says he did not coordinate with Musk, also alleges Twitter has fudged the issue of fake accounts by inventing a unique way of counting its users. In his testimony, he claims Twitter has been “lying about bots to Elon Musk”.

Zatko claims Twitter bosses invented a new metric: “monetisable daily active users”. Most other sites simply count the number of active users they have, but Zatko alleges that the “monetisable” part lets Twitter ignore a large proportion of its bot accounts. The social media site’s bosses say about 5 per cent of “monetisable” daily users are spam but have remained tight-lipped about how they reached that figure.

Peiter Zatko alleges Twitter has been infiltrated by foreign government agents. Credit: Bloomberg

What this really means, according to Zatko, is that Twitter simply does not really count how many bots are on its site. “Senior management had no appetite to properly measure the prevalence of bot accounts,” his testimony alleges. The former Twitter employee’s testimony has presented Musk with an opportunity. On Monday, Musk’s legal team sent Twitter another letter demanding the deal be quashed. The billionaire’s lawyers said: “The Zatko complaint alleges far-reaching misconduct at Twitter - all of which was disclosed to Twitter’s directors and senior executives, including Parag Agrawal - that is likely to have severe consequences for Twitter’s business.”

Musk’s legal team has also issued a demand that Zatko give evidence ahead of the trial in October.

Dan Ives, a Wall Street analyst, says: “The Zatko development and timing is a huge potential win for Musk which could complicate the Twitter case.”

Twitter has called Zatko a disgruntled employee who was fired for poor performance. Twitter’s lawyers said that Musk’s latest effort to terminate the deal was “invalid and wrongful under the agreement”. Of Zatko’s whistleblowing claims, the social networking site has said: “What we’ve seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lacks important context.”

As one of the cyber-security world’s founding characters, the former Cult of the Dead Cow hacker rubbed shoulders with pioneering ethical hackers. CDC’s hacking specialism was creating software tools that exploited security flaws in Windows, with the aim of forcing Microsoft to fix them. In 1998 Mudge was one of seven hackers who told the US Congress they could shut down the entire internet in 30 minutes.

Mudge later turned to the corporate world where his skills were in high demand. In 2015, he was called upon by the Obama White House to set up a software testing organisation. Two years later he returned to the private sector as head of security for Stripe, the payments processor; his success there caught the eye of Jack Dorsey, who tapped up the veteran hacker in 2020 to run security at Twitter.

By November 2021 Dorsey had resigned, however. His replacement was Twitter’s chief technical officer, Parag Agrawal. Within tech companies there is always a tension between the IT and the security departments, and so it proved at Twitter: Mudge was ousted in January, with Twitter giving the reason as “poor performance”.

Telegraph, London
