Twitter For Android App Flaw Could Have Allowed Hijacking of Accounts

Twitter has disclosed a vulnerability that potentially threatened Android users. As revealed, the Twitter for Android app had a flaw that could allow an attacker to seize user accounts.

Twitter For Android App Flaw

Twitter recently disclosed a flaw in its Android app.

As revealed in a post, the Twitter for Android app vulnerability could have allowed a potential attacker to take control of users’ accounts. This would also have allowed the attacker to send Direct Messages or Tweets through the target account.

Doing so simply required an attacker to carefully insert malicious code into the app. As stated in the post:

“Through a complicated process involving the insertion of malicious code into restricted storage areas of the Twitter app, it may have been possible for a bad actor to access information (e.g., Direct Messages, protected Tweets, location information) from the app.”

The vulnerability affected Twitter for Android only and did not affect Twitter for iOS.

Update Your App Now!

Upon noticing the vulnerability, Twitter quickly patched the flaw to prevent any exploitation. The company assured that the bug did not affect any users.

However, considering the seriousness of the flaw, Twitter has disclosed the matter after fixing it.

“We don’t have evidence that malicious code was inserted into the app or that this vulnerability was exploited, but we can’t be completely sure so we are taking extra caution.”

Furthermore, Twitter is notifying the users it suspects may have been affected by the flaw, either via the Twitter app or by email.

“We have taken steps to fix this issue and are directly notifying people who could have been exposed to this vulnerability either through the Twitter app or by email with specific instructions to keep them safe.”

In addition, Twitter urges users to update the app to the latest version as soon as possible to stay safe from compromise.

Users should also keep their accounts protected with two-factor authentication. Twitter has also recently updated its 2FA feature for the convenience of users.
