Security Flaw In Android 8 And 9 Could Expose Twitter DMs

Twitter has recently alerted its Android users about a vulnerability. As revealed, a security flaw existed in Android 8 and 9 that could expose Twitter DMs. Twitter has subsequently updated the Android app for users with a fix.

Android Flaw Could Expose Twitter DMs

Reportedly, Twitter has disclosed to its users a serious security flaw in Android that could expose their DMs. The news surfaced online as Twitter displayed alerts to potentially vulnerable users.

It turned out that the vulnerability affected Android 8 and 9 at the OS level. While the flaw was not within Twitter's scope, exploiting it could impact Twitter users.

Describing how it could affect Twitter for Android, the tech giant explained in its security notice,

This vulnerability could allow an attacker, through a malicious app installed on your device, to access private Twitter data on your device (like Direct Messages) by working around Android system permissions that protect against this.

While Twitter assured that a majority of Android users (96%) are already running patched devices, the remaining 4% might be vulnerable.

Also, out of caution, they displayed in-app alerts for all vulnerable users. Here’s what the notice looked like.

Image: Latest Hacking News

Update Twitter For Android App

Following the discovery of the Android vulnerability, Twitter also updated its Android app to include a fix.

However, they didn’t explicitly state how and when they first caught the flaw.

Nonetheless, it is important to mention that Twitter says it has no evidence of active exploitation of the flaw. As stated,

We don’t have evidence that this vulnerability was exploited by attackers.

However, as they can’t be sure, they employed various security measures to eliminate any risk. These include updating the app to prevent other apps from accessing Twitter in-app data, with measures that go beyond the standard OS security in place.

Also, they urge all Android users to update their apps to the latest version. Users of iOS and the Twitter web version, meanwhile, remain safe from this exploit.
