Twitter has recently reported a suspected State-sponsored attack through its contact form, possibly connected with Saudi Arabia and China.
Social networking sites have been hit by cyber attacks many times before, but the suspected involvement of State-backed threat actors is alarming. Several recent attacks on these platforms were launched in a bid to spread false news, so there is every possibility that this incident was driven by a similar motive. However, Twitter has stated that it is not absolutely sure the attack was state-sponsored.
An official Twitter blog post reportedly stated:
“…large number of inquiries coming from individual IP addresses located in China and Saudi Arabia.”
The Bug
Twitter has been a victim of several cyber attacks, but this one seems to be the most fearsome, as it hints at the possibility of a cyber war. According to reports, a flaw in Twitter's Support Form, which a person could use to reach out to Twitter, let a third party access the country codes and account statuses of Twitter users.
In November, researcher Terence Eden uncovered a Twitter Support Form flaw which could easily be exploited by third parties. Eden was awarded US$2,940 under HackerOne's bug bounty program for reporting this bug.
Further Investigation
Upon further investigation, Twitter uncovered certain "suspicious activity" connected with one of its APIs, which turned out to be an exploitable flaw related to the customer support form. It took the social networking firm about 24 hours to fix it.
Twitter's official blog post stated:
“During our investigation, we noticed some unusual activity involving the affected customer support form API. Specifically, we observed a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia. While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors. We continue to err on the side of full transparency in this area and have updated law enforcement on our findings.”
According to Twitter, it has reached out to the affected users and informed them about the incident. No action is required from users, as the bug has already been fixed. Further, the social networking site has said it diligently reported the incident to the relevant authorities.