Categories: NewsTech

Twitter admits Android app vulnerability that exposed user’s private data

It seems that Twitter can’t catch a break. The social media platform recently disclosed it discovered a vulnerability in its Android app that can be exploited to allow malicious parties to access a user’s private data including their direct messages (DM).

Twitter explained in a post that it recently discovered the existence of the vulnerability in the Android app that could have allowed an attacker, through a malicious app installed on the device, to access private Twitter data by working around Android’s system permissions. The issue is apparently not new as it is related to a problem that Google had already fixed in its October 2018 security patch.

Here are the steps recommended by Twitter:

1. Updated Twitter for Android to make sure external apps can’t access Twitter in-app data by adding extra safety precautions beyond standard OS protections

2. Requiring anyone that may be impacted to update Twitter for Android

3. Sending in-app notices to everyone who could have been vulnerable to let them know if they need to do anything

4. Identifying changes to our processes to better guard against issues like this

The good news is that 96% of Twitter users on Android are not vulnerable to this issue. But that also means the remaining 4% of users on Android 8 and Android 9 were exposed to this exploit. Twitter, however, said there was no evidence the vulnerability was exploited.

This isn’t the first vulnerability Twitter has detected in its Android app. The company has previously disclosed a similar problem after a fix was made available. 

In mid-July 2020, Twitter suffered an unprecedented hack that compromised the accounts of high-profile individuals such as Bill Gates, Elon Musk and Joe Biden.

The mastermind behind the hack was revealed to be Graham Ivan Clark, a 17-year-old teenager from Florida, who was arrested on 31 July. Based on The New York Times’ story, Clark tricked an unwitting employee via a phone phishing attack and gained access to Twitter’s account management tools.

[SOURCE]

Related reading

Recent Posts

Malaysia’s largest DC charging hub is opening soon at Iskandar Puteri, Johor

DC Handal is expected to unveil what appears to be Malaysia's largest EV charging hub…

14 hours ago

Realme GT 7 Pro coming to Malaysia as first smartphone with Snapdragon 8 Elite chip, launching 18th November

Realme has debuted its latest flagship smartphone, the Realme GT 7 Pro in China, featuring…

15 hours ago

Malaysia to kill off NGVs in 2025 due to safety concerns

Malaysia will ban natural gas vehicles (NGVs) on 30 June 2025. Subsequently, no new natural…

16 hours ago

Is your iPhone 14 Plus having camera issues? Apple has a solution for you

Apple has launched a service program for the iPhone 14 Plus where certain units fail…

18 hours ago

U Family 128: U Mobile offers 1000GB shared data with 4 lines and free roaming for RM128/month

U Mobile has introduced its new U Family 128 offering, a new family plan which…

20 hours ago

PlayStation 5 Pro leaked – 16.7 TFLOPS GPU, 16GB GDDR6 dedicated VRAM, 2GB DDR5 system RAM

We are just three days away from the launch of the beefed-up PlayStation 5 Pro…

22 hours ago

This website uses cookies.