Take the pledge to vote

For a better tommorow#AajSawaroApnaKal
  • I agree to receive emails from News18

  • I promise to vote in this year's elections no matter what the odds are.
  • Please check above checkbox.

    SUBMIT

Thank you for
taking the pledge

Vote responsibly as each vote counts
and makes a diffrence

Disclaimer:

Issued in public interest by HDFC Life. HDFC Life Insurance Company Limited (Formerly HDFC Standard Life Insurance Company Limited) (“HDFC Life”). CIN: L65110MH2000PLC128245, IRDAI Reg. No. 101 . The name/letters "HDFC" in the name/logo of the company belongs to Housing Development Finance Corporation Limited ("HDFC Limited") and is used by HDFC Life under an agreement entered into with HDFC Limited. ARN EU/04/19/13618
Tech
  • Municipal Corporations 8/10
  • TRS 7
  • INC 1
  • BJP 0
  • AIMIM 0
  • OTH 0
  • MUNICIPALITIES 113/120
  • TRS 94
  • INC 10
  • BJP 2
  • AIMIM 2
  • OTH 5
Refresh Data
News18 » Tech
2-min read

New Twitter Bug Reportedly Compromised 17 Million Phone Numbers of Users

The flaw could apparently allow anyone to acquire user phone numbers on Twitter.

IANS

Updated:December 25, 2019, 4:56 PM IST
facebookTwitter Pocket whatsapp
Image for representation. (Photo: Reuters)
Image for representation. (Photo: Reuters)

In yet another data breach on Twitter which has gone through a bad year on security, a researcher has claimed he matched 17 million phone numbers to user accounts, including high-profile politicians and officials, by exploiting a vulnerability in Twitter's Android app. Security researcher Ibrahim Balic found that it was possible to upload entire lists of generated phone numbers through Twitter's contacts upload feature, reports TechCrunch.

"If you upload your phone number, it fetches user data in return," he was quoted as saying. Most of the users were in countries like Israel, Turkey, Iran, Greece, Armenia, France and Germany. In one case, TechCrunch was able to identify a senior Israeli politician using their matched phone number. Over a two-month period, Balic began alerting users directly and when Twitter came to know, the micro-blogging platform blocked his efforts on December 20.

Balic had created a WhatsApp group to alert users. He generated more than two billion phone numbers, one after the other, then randomized the numbers, and uploaded them to Twitter through the Android app. The bug did not exist in the web-based upload feature. It's not yet confirmed if Balic's efforts are related to a Twitter statement last week which admitted a malicious code was inserted into its app by a bad actor that could have compromised several Android users' information worldwide, including in India.

The vulnerability within Twitter for Android could allow the bad actor to see non-public account information or to control your account (send Tweets or Direct Messages). Balic is previously known for identifying a security flaw that affected Apple's developer center in 2013. A Twitter spokesperson said the company takes these reports seriously and are actively investigating to ensure this bug can't be exploited again.

Twitter has faced several vulnerabilities on its platform in the recent past. In May, Twitter disclosed a bug that shared some iOS users' data with an unnamed partner, even if the user did not opt to share data. The bug affected Twitter's iOS user base and they were notified about the issue.

In February, a bug in Twitter exposed private tweets of some Android users for over five years when they made changes in their settings, like changing the email address linked to their accounts. In a huge data breach last year, the micro-blogging platform alerted all users to change their password after it discovered a bug that stored passwords in plain text in an internal system.

Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.

| Edited by: ---
Read full article
Next Story
Next Story

facebookTwitter Pocket whatsapp

Live TV

Countdown To Elections Results
To Assembly Elections 2018 Results