Home Hacking News Twitter Suspects China & Saudi Arabia Over Recent Hack
Hacking NewsLatest Cyber Security News | Network Security HackingNews

Twitter Suspects China & Saudi Arabia Over Recent Hack

by Unallocated Author
written by Unallocated Author

Twitter has recently reported a suspected State-sponsored attack through its contact form, possibly connected with Saudi Arabia and China.

Although several cyber attacks have been launched on social networking sites, the involvement of State-backed threat actors sounds alarming. Recently, in a bid to spread false news, several attacks have been launched on social networking sites. So there lies every possibility that this was done in pursuance of a similar motive. However, Twitter has stated that it is not absolutely sure of the attack being state-sponsored.

An official Twitter blog post reportedly stated

“…large number of inquiries coming from individual IP addresses located in China and Saudi Arabia.”

The Bug

Twitter has been a victim of several cyber attacks, but this one seems to be the most fearsome as it hints towards the possibility of a Cyber War. According to reports, Twitter’s Support Form, which a person could use to reach out to Twitter and let a third party access country codes and account statuses of Twitter users.

In November, Researcher Terence Eden uncovered a Twitter Support Form flaw, which could easily be exploited by third persons. Eden was awarded US $ 2,940, under HackerOne’s Bug Bounty program for reporting this bug.

Further Investigation

Upon further investigation, Twitter uncovered certain “suspicious activity” connected with one of its API’s, which turned out to  be an exploitable flaw related to the customer support form. It took the Social Networking firm about 24 hours to fix it.

Twitter’s official Blog post stated

“During our investigation, we noticed some unusual activity involving the affected customer support form API. Specifically, we observed a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia. While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors. We continue to err on the side of full transparency in this area and have updated law enforcement on our findings.”

According to Twitter, it has reached out to the affected users and informed them about the incident. However, there seems to be no action required by the users as the bug has been already fixed. Further, the social networking site has claimed to have diligently reported the incident to the concerned authorities.

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

You may also like

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall...

Personal Data Exposed in Massive Global Hack: Understanding...

Guardz Welcomes SentinelOne as Strategic Partner and Investor...

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Match Systems publishes report on the consequences of...

Cypago Announces New Automation Support for AI Security...

LayerSlider WordPress Plugin Vulnerability Affected Thousands Of Websites

OWASP Disclosed Data Breach Affecting Old Members

Center Identity Launches Patented Passwordless Authentication for Businesses

Comments are closed.