Categories: NewsTech

Twitter admits Android app vulnerability that exposed user’s private data

It seems that Twitter can’t catch a break. The social media platform recently disclosed it discovered a vulnerability in its Android app that can be exploited to allow malicious parties to access a user’s private data including their direct messages (DM).

Twitter explained in a post that it recently discovered the existence of the vulnerability in the Android app that could have allowed an attacker, through a malicious app installed on the device, to access private Twitter data by working around Android’s system permissions. The issue is apparently not new as it is related to a problem that Google had already fixed in its October 2018 security patch.

Here are the steps recommended by Twitter:

1. Updated Twitter for Android to make sure external apps can’t access Twitter in-app data by adding extra safety precautions beyond standard OS protections

2. Requiring anyone that may be impacted to update Twitter for Android

3. Sending in-app notices to everyone who could have been vulnerable to let them know if they need to do anything

4. Identifying changes to our processes to better guard against issues like this

The good news is that 96% of Twitter users on Android are not vulnerable to this issue. But that also means the remaining 4% of users on Android 8 and Android 9 were exposed to this exploit. Twitter, however, said there was no evidence the vulnerability was exploited.

This isn’t the first vulnerability Twitter has detected in its Android app. The company has previously disclosed a similar problem after a fix was made available. 

In mid-July 2020, Twitter suffered an unprecedented hack that compromised the accounts of high-profile individuals such as Bill Gates, Elon Musk and Joe Biden.

The mastermind behind the hack was revealed to be Graham Ivan Clark, a 17-year-old teenager from Florida, who was arrested on 31 July. Based on The New York Times’ story, Clark tricked an unwitting employee via a phone phishing attack and gained access to Twitter’s account management tools.

[SOURCE]

Related reading

Recent Posts

Denza Z9 GT now in Malaysia for RM359k: Luxury sports EV with 600km of range

Denza Z9 GT is now officially in Malaysia after it was first demonstrated here over…

5 hours ago

Huawei MatePad Air 2026 with 144Hz PaperMatte OLED screen, six speakers previewed in Malaysia: Here’s what we know

Aside from launching the Huawei Pura 90s series, Huawei Malaysia also unveiled the MatePad Air…

8 hours ago

Gentari drops DC fast charging prices at select locations across Peninsular Malaysia

Gentari has announced a price cut for selected DC chargers across Peninsular Malaysia. EV owners…

11 hours ago

Gentari’s Ayer Hitam EV Charging Hub now upgraded with 7 DC Charge Points

Petronas Bandar Baru Ayer Hitam is one of the most popular EV charging hubs for…

18 hours ago

Proton Saga Cross AMA02 spotted undergoing testing at Federal Highway

We spotted a camouflaged car at Federal Highway earlier today that might be the new…

1 day ago

Huawei Pura 90s series arrives in Malaysia from RM3,699. Pro Max version gets a 200MP telephoto camera

Huawei has officially launched the Pura 90s series in Malaysia, its latest flagship camera phones…

1 day ago

This website uses cookies.