Today, Twitter released a statement that says the platform has suspended “a large network of fake accounts,” as well as many others “located in a wide range of countries,” for abusing an API feature that allowed them to match phone numbers to usernames.
Here's the official tweet.
“We observed a particularly high volume of requests coming from individual IP addresses located within Iran, Israel, and Malaysia,” the Twitter security bulletin says. “It is possible that some of these IP addresses may have ties to state-sponsored actors,” the post continued.
TechCrunch previously reported this same issue on December 24, which is also the day Twitter says that it “became aware” that the abuse was taking place, writes Devin Coldewey at TechCrunch.
Security researcher Ibrahim Balic found that a bug in Twitter’s Android app let him submit millions of phone numbers through an official API, which returned any associated user account.
Excerpt from today's TechCrunch report:
The feature is intended, if you have enabled it, to let friends who have your number look up your Twitter handle. But obviously submitting millions of numbers goes “beyond its intended use case.”
If you had turned this feature off, you weren’t affected by this bug. Fortunately for users in the EU this was opt-in there. But for the rest of the world it’s opt-out — so if you had a phone number associated with your account, you may have been affected.
Furthermore, the phone numbers include those provided for purposes of two-factor authentication, so those outside the EU may have been vulnerable to this exploit without realizing it.
A court in Moscow today issued fines of 4 million rubles each against Twitter and Facebook for the social media companies’ refusal to store data about Russian citizens inside Russia.
The Department of Justice on Thursday announced a 16-count superseding indictment against the Chinese technology company Huawei and its CFO Meng Wanzhou. Among the charges: racketeering and conspiracy to steal intellectual property.
WTF is even going on anymore.
Everybody wears socks, even presidents, but not everybody wears sophisticated, ultra-comfortable socks made with bamboo yarn that offers softness, ventilation, and durability. So with all these DeadSoxy socks on sale for Presidents’ Day, why not use this opportunity to make those hard-working feet of yours happier than they’ve ever been? With styles for work and […]
If you’re looking to read more in 2020, you probably wish you had more time to get that done. Well, we can’t create more hours in the day (we’re mad about it too), but we can help you maximize those hours. Catch up on that book list and get ahead of the game when you […]
Grover Cleveland served as America’s 22nd President before being narrowly defeated for re-election by Benjamin Harrison in 1888. But the undeterred Cleveland roared back four years later, winning the 1892 election for his second term in the White House. If the American people can give a president a second chance, don’t you think a gently-used […]