An alleged leak of internal code from X, the social media platform previously known as Twitter, purports to show protections granted to right-wing accounts that would allow them to break the site’s rules without consequence.
But while the “leak” sparked instant backlash and outrage, numerous tech experts say the alleged code doesn’t appear real.
On Wednesday, a screenshot began circulating on X of what’s been dubbed “the Twitter API leak,” which alleges to show “Okta configs” for X.
Okta is a third-party site that handles user verification for platforms.
The account sharing the image, a user named “Anti-Fascist Turtle” who has since been suspended, claimed that X had a list of users who did not have to abide by the platform’s Terms of Service.
“New Twitter API leak reveals that there’s a group of ‘protected users’ that are allowed to break the Terms of Service without consequence,” the user wrote. “Even including a list of whitelisted slurs,” the user said. “Also worth mentioning that all of the listed accounts are right-wing in their contents.”
What is the Twitter API leak?
So-called protected users in the alleged code include members of the Trump family, such as President Donald Trump, Eric Trump, and Donald Trump Jr. Other protected users are listed as Elon Musk, who owns the X platform, as well as far-right influencers Andrew Tate and Libs of TikTok, and even the account for the Russian government.
Protected terms are listed to show highly specific racial slurs, as well as the words “illegal” and “Mexican.”
The so-called leak quickly went viral among left-leaning users on X, who argued that the sudden suspension of Anti-Fascist Turtle suggested that the code was real.
“Just in case you missed it, Elon just nuked @TheAntifaTurtle for making a callout on an API leak revealing a list of users with immunity, who are allowed to say any kind of slurs or hate speech without any consequences, all from major right wing influencers,” one user said. “Great site guys.”
The source of the claim appears to be a user from a chat room run by the malware hosting service vx-underground. In a post to X on Thursday, vx-underground said that the screenshot was shared to social media after being discussed internally, despite concerns that the leak wasn’t real.
“We get links, stories, leaks, etc. all the time,” vx-underground wrote. “We get tons of blatant lies, misinformation, exaggerated stories, etc. was actually really hurtful when someone leaked this. Broke my heart that someone in our close circle of friends would violate our trust tl;dr. sad boi hours.”
Tech experts were also unconvinced. Numerous users—including cybersecurity researcher and hacker maia arson crimew—pushed back on the code’s legitimacy.
In a post to X, maia cast suspicion on the leak and argued that “it looks like perfect bait to stir up the pot and later make fun of people for believing it.”later
The URL where the code was supposedly discovered does not exist and was never archived. And the list of protected users, maia noted “seems perfectly tailored to ‘triggering the left’ and would make little no sense to be implemented in a config file.”
The post also seems to be fortuitous. Numerous accounts that shared the “leak” claimed they believed Tate had recently been given a special exception to use racial slurs, claiming to see an uptick of them on his page.
And, suddenly, there was the evidence.
While sites like X have features that require manual moderation on high-profile accounts to protect them from mass-reporting campaigns, those features are “only accessible on internal tooling and is a database flag on accounts, not a list,” maia added.
And while maia says her analysis, much like the leak, is largely speculation, she “considers the burden of proof for such a massive claim to be on the side making such a clam.”
“as of right now i consider the into to be disinformation and given there does not appear to be a verifiable archive of the URL the data is claimed to be from I do not consider the information to be verifiable without comment from twitter,” she said.
In response to maia, a former employee of Twitter also said that, at least prior to Musk’s takeover, moderation was done through internal tools, not Okta and whitelists as shown in the supposed leak.
Other prominent users, such as popular YouTuber and cybersecurity researcher Ryan McBeth, also expressed doubts that Okta would be used that way.
In a statement to journalist Benedict Garman, Okta also confirmed that the alleged leak was fabricated.
“We can confirm that this is definitely an invalid url and we confirm the screenshot is fake,” an Okta spokesperson said.
X has not publicly commented on the alleged leak, but the platform placed “Manipulated media” tags on posts discussing the issue.
The tag has done little to quell the belief among some left-wing users that the code is real, thinking it’s a double fake by Musk to hide his secret racism protocols.
But for now, without any further verification, the so-called Twitter API leak does not appear to be legitimate.
Internet culture is chaotic—but we’ll break it down for you in one daily email. Sign up for the Daily Dot’s web_crawlr newsletter here. You’ll get the best (and worst) of the internet straight into your inbox.
Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.
The post No, Elon Musk’s secret racism protocols for Trump, Andrew Tate, and Russia didn’t leak appeared first on The Daily Dot.
WATCH VIDEO
DOWNLOAD VIDEO
