Today, Twitter released a statement that says the platform has suspended “a large network of fake accounts,” as well as many others “located in a wide range of countries,” for abusing an API feature that allowed them to match phone numbers to usernames.
“We observed a particularly high volume of requests coming from individual IP addresses located within Iran, Israel, and Malaysia,” the Twitter security bulletin says. “It is possible that some of these IP addresses may have ties to state-sponsored actors,” the post continued.
TechCrunch previously reported this same issue on December 24, which is also the day Twitter says that it “became aware” that the abuse was taking place, writes Devin Coldewey at TechCrunch.
Security researcher Ibrahim Balic found that a bug in Twitter’s Android app let him submit millions of phone numbers through an official API, which returned any associated user account.
Excerpt from today's TechCrunch report:
The feature is intended, if you have enabled it, to let friends who have your number look up your Twitter handle. But obviously submitting millions of numbers goes “beyond its intended use case.”
If you had turned this feature off, you weren’t affected by this bug. Fortunately for users in the EU this was opt-in there. But for the rest of the world it’s opt-out — so if you had a phone number associated with your account, you may have been affected.
Furthermore, the phone numbers include those provided for purposes of two-factor authentication, so those outside the EU may have been vulnerable to this exploit without realizing it.
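As an added illustration (not code from Twitter, TechCrunch or this post), here is one way a service could spot this kind of contact-lookup abuse in its own request logs: group lookups by source IP, then flag sources that submit more distinct numbers than a real address book would hold, or numbers that mostly sit next to each other in a generated range. The log format, function names, thresholds and sample data are all assumptions constructed for the example.

```python
from collections import defaultdict

def flag_enumeration(log, max_contacts=5000, max_seq_ratio=0.5, min_sample=20):
    """Return {source_ip: [reasons]} for sources whose lookups look like enumeration.

    log: iterable of (source_ip, phone_number_as_int) contact-match requests.
    Thresholds are assumptions to tune per service, not values from Twitter.
    """
    seen = defaultdict(set)
    for ip, number in log:
        seen[ip].add(number)

    flagged = {}
    for ip, numbers in seen.items():
        reasons = []
        # A real address book is bounded; millions of distinct numbers is not one.
        if len(numbers) > max_contacts:
            reasons.append("volume")
        # Generated ranges leave most numbers adjacent to another submitted number.
        if len(numbers) >= min_sample:
            adjacent = sum(1 for n in numbers if n + 1 in numbers or n - 1 in numbers)
            if adjacent / len(numbers) > max_seq_ratio:
                reasons.append("sequential")
        if reasons:
            flagged[ip] = reasons
    return flagged

def build_sample_log():
    """Constructed sample data (documentation IP ranges, made-up numbers)."""
    log = []
    # Ordinary client: 25 scattered contacts.
    log += [("192.0.2.10", 15550100000 + (i * 7919) % 90000) for i in range(25)]
    # Client walking a consecutive block of numbers.
    log += [("198.51.100.7", 15550120000 + i) for i in range(300)]
    # Client submitting far more distinct numbers than an address book holds.
    log += [("203.0.113.5", 15550200000 + i * 3) for i in range(6000)]
    return log

if __name__ == "__main__":
    for ip, reasons in flag_enumeration(build_sample_log()).items():
        print(ip, reasons)
```

Keying the same counters on the authenticated account as well as the IP catches lookups that are spread across many addresses.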