Twitter appoints well-known hacker ‘Mudge’ as head of security
Twitter has appointed security expert Peiter Zatko, who calls himself Mudge, as head of security. He previously worked at Google ATP and the US Defense Institute Darpa, and is the author of the L0pthCrack software.
When Twitter gets Mudge a broad mandate to make changes to the structure and practices of security. Reuters writes this in an interview with the new security head of the social network. Zatko will report directly to Twitter CEO Jack Dorsey and will assume key security duties within Twitter after a trial period of 45 to 60 days.
Mudge tells Reuters that he will take a closer look at information security, website integrity, physical security and the integrity of the platform. He will also be involved in research into abuse and manipulation of the platform and the further development of Twitter.
Mudge worked in a senior position at Google’s Advanced Technology and Projects division between 2013 and 2015. Before that, he worked for three years as Cyber Security Director at the American defense institute Darpa. Born in 1970, the American built fame in the hacker scene in the 1990s.
In 1995, Mudge was one of the first to publish a paper on buffer overflow vulnerabilities. He was a prominent member of the hacker collectives L0pth and Cult of the Dead Cow. In 1997, the security expert released L0phtCrack, a program to test, crack, or recover passwords. That software still exists, but changed hands a number of times. Since April 2020, L0phtCrack has been owned by Terahash.
Twitter faced a major security incident earlier this year. Accounts from various companies and celebrities, including Apple, Elon Musk, Bill Gates and Joe Biden, were acquired and crypto scams were posted on them. The attackers gained access to internal systems of the social network through social engineering.
Mudge (center) testified in 1998 with other L0pth members for the US Senate on serious vulnerabilities of internet-connected government systems.