Hackers Exploited Twitter Bug to Find Linked Phone Numbers of Users

[correlate]

Level 18
Thread author
Top Poster
Well-known
May 4, 2019
801
Twitter today issued a warning revealing that attackers abused a legitimate functionality on its platform to unauthorizedly determine phone numbers associated with millions of its users’ accounts.

According to Twitter, the vulnerability resided in one of the APIs that has been designed to make it easier for users to find people they may already know on Twitter by matching phone numbers saved in their contacts with twitter accounts.

To be noted, the feature worked precisely as intended, except someone was not supposed to upload millions of randomly generated phone numbers and abuse Twitter to reveal profiles associated with the contact information users added to Twitter for enabling security features.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top