17 million Twitter users threatened by security breach
The Android version of Twitter suffers from a serious security breach since a security expert managed to discover the phone numbers of millions of subscribers to this social network.
A security researcher discovered a bug in the Android Twitter application that allowed him to discover the phone numbers associated with 17 million accounts. Interviewed by TechCrunch, Ibrahim Balic explained how he managed to abuse the contact's download system of the application to reveal numerous accounts from phone numbers.
 |
| Photo by Saulo Mohana on Unsplash |
He started from a simple observation: “If you send your phone number, it collects user data in return. So he generated a list of two billion phone numbers, in random order to thwart the system. He then gradually downloaded them into the Android application over a period of two months, and was thus able to identify accounts in Israel, Turkey, Iran, Greece, Armenia, France and Germany.
Two faults in one week
The researcher shared his discovery on WhatsApp in an attempt to warn the users directly concerned, some of whom are political figures. Twitter blocked accounts exploiting the flaw on December 20 and says it is working on a solution so that this cannot happen again.
It is the second flaw in a week, the social network having already published details on another security problem in the Android application. This second flaw could have allowed the insertion of malicious code to allow to take control of an account. Twitter advises users to update the application.
No comments:
Post a Comment