Categories: NewsTech

Twitter: Some Malaysian state-backed actors involved in hack

Twitter has revealed that a flaw in the company’s “contacts upload” feature has been discovered, with attempts having made by several state actors to allegedly access the phone numbers of users. A “high volume of requests” to use the feature was detected from IP addresses from Iran, Israel, and Malaysia.

“We observed a particularly high volume of requests coming from individual IP addresses located within Iran, Israel, and Malaysia. It is possible that some of these IP addresses may have ties to state-sponsored actors. We are disclosing this out of an abundance of caution and as a matter of principle.”

According to a Reuters report, Twitter suspects that a government connection here, with the “attackers” in Iran having unrestricted access to the platform despite it being banned int he country. All of the connected accounts have been suspended in the meantime, and Twitter says that they have “fixed” the issue.

How did this happen?

According to Techcrunch, a security researcher said he matched 17 million phone numbers to Twitter accounts after exposing a vulnerability in the company’s Android app. In a nutshell, the issue stems from the contact upload feature. He explained that if you upload entire lists of random phone numbers, Twitter fetches user data in return, enabling you to match these numbers to their users.

Not everyone is affected, it appears. Twitter explained in a blog post that only users with the “Let people who have your phone number find you on Twitter” option with an associated phone number are susceptible, although the loophole has been fixed.

“We’re very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day.”

There doesn’t appear to be any concrete news on who these “state actors” are, however. And it seems that Twitter doesn’t really know who exactly the perpetrators are—or they’re not pursuing it, I don’t know. State actors, by their very definition, are supposed to be parties acting on behalf of governments, which certainly is a scary thought.

And this isn’t the first time that Twitter and its users’ info has allegedly been misused for political agendas. Last year, 88,000 accounts from Saudi Arabia were suspended by the company for “manipulating” the platform as part of a state-backed information campaign. And Google has also revealed data privacy concerns of its own—some users reportedly had their private videos sent to total strangers while backing up their images on Google Photos.

[ SOURCE , 2 ]

Related reading

Recent Posts

Proton Saga Cross AMA02 spotted undergoing testing at Federal Highway

We spotted a camouflaged car at Federal Highway earlier today that might be the new…

1 hour ago

Huawei Pura 90s series arrives in Malaysia from RM3,699. Pro Max version gets a 200MP telephoto camera

Huawei has officially launched the Pura 90s series in Malaysia, its latest flagship camera phones…

6 hours ago

Pos Malaysia launches Pos ArRahnu Gold-i: Buy and save gold from RM10

Pos Malaysia has launched Pos ArRahnu Gold-i, a new Syariah-compliant digital gold platform that enables…

10 hours ago

Mforce.Cas: Last call to enjoy RM2,400 rebate on QJ Motor, Yadea, and Zeeho electric motorcycles

The Mforce Electric Motorcycle Incentive Program (Mforce.Cas) will conclude on 15 July. Originally announced back…

23 hours ago

CSOs call Freedom of Information Bill ‘incompetent’, say it preserves secrecy over transparency

Malaysia's long-awaited Freedom of Information (FOI) Bill was supposed to make it easier for the…

1 day ago

NanoMalaysia: Malaysia’s upcoming homegrown EV battery can help deliver over 600km of range

Malaysia will soon kick off the production of its first locally developed EV battery cell.…

1 day ago

This website uses cookies.