Categories: NewsTech

Twitter admits Android app vulnerability that exposed user’s private data

It seems that Twitter can’t catch a break. The social media platform recently disclosed it discovered a vulnerability in its Android app that can be exploited to allow malicious parties to access a user’s private data including their direct messages (DM).

Twitter explained in a post that it recently discovered the existence of the vulnerability in the Android app that could have allowed an attacker, through a malicious app installed on the device, to access private Twitter data by working around Android’s system permissions. The issue is apparently not new as it is related to a problem that Google had already fixed in its October 2018 security patch.

Here are the steps recommended by Twitter:

1. Updated Twitter for Android to make sure external apps can’t access Twitter in-app data by adding extra safety precautions beyond standard OS protections

2. Requiring anyone that may be impacted to update Twitter for Android

3. Sending in-app notices to everyone who could have been vulnerable to let them know if they need to do anything

4. Identifying changes to our processes to better guard against issues like this

The good news is that 96% of Twitter users on Android are not vulnerable to this issue. But that also means the remaining 4% of users on Android 8 and Android 9 were exposed to this exploit. Twitter, however, said there was no evidence the vulnerability was exploited.

This isn’t the first vulnerability Twitter has detected in its Android app. The company has previously disclosed a similar problem after a fix was made available. 

In mid-July 2020, Twitter suffered an unprecedented hack that compromised the accounts of high-profile individuals such as Bill Gates, Elon Musk and Joe Biden.

The mastermind behind the hack was revealed to be Graham Ivan Clark, a 17-year-old teenager from Florida, who was arrested on 31 July. Based on The New York Times’ story, Clark tricked an unwitting employee via a phone phishing attack and gained access to Twitter’s account management tools.

[SOURCE]

Related reading

Recent Posts

Every Transaction Could Make You a Monthly Millionaire – Here’s How with Maybank’s MAE

This post is brought to you by Maybank. Unlock more than just transactions with MAE’s…

9 hours ago

Oppo Find X8 series: Launching in Malaysia on 30th November 2024, priced from RM3,699

After making its debut in China late last month, the Oppo Find X8 series has…

14 hours ago

Hyundai Ioniq 9: The brand’s first 3-row electric SUV, offers up to 429hp and 620km of range

Hyundai has officially unveiled the new Ioniq 9 which marked yet another expansion to its…

14 hours ago

BMW Group leads Malaysia’s premium EV segment, long term certainty needed for local assembly

BMW Group remains bullish in its commitment to drive sustainable mobility across the Southeast Asian…

21 hours ago

Dongfeng Box Malaysia: First public test drive event is happening on 23 to 24 Nov

After completing its 45,000km road test in Malaysia earlier this year, Dongfeng Box will finally…

1 day ago

Take control of your health: Meet the medically certified HUAWEI WATCH D2 with Ambulatory Blood Pressure Monitoring

This post is brought to you by HUAWEI. Hypertension is a significant global health concern,…

2 days ago

This website uses cookies.