comscore Twitter bug allows hackers to impersonate others and tweet

Twitter bug allows hackers to impersonate others and tweet

Researchers have found a flaw in Twitter Ad Studio tool that lets hacker impersonate user accounts.


Twitter bug bounty hunters have found a significant loophole in the social media’s comprehensive media sharing tool called the Twitter Ad Studio. The bug in Twitter’s ad service can let hackers tweet from other accounts or delete photos and videos from their feed without knowing or stealing their passwords.  Also Read - Big threat for Google, Twitter, WhatsApp, and LinkedIn users

The Studio tool was released by Twitter last year in September for publications to easily publish video content from desktops. A group of researchers now claims to have come across a major vulnerability in Twitter’s product and its security protocols. “By sharing media with a victim user and then modifying the post request with the victim’s account ID the media in question would be posted from the victim’s account,” Twitter explained while addressing the bug. Also Read - Losing thousands of Twitter followers? Here’s why that might be happening

A blog published last week by Anand Prakash brought the bug to everyone’s notice. Prakash’s blogpost briefed about the vulnerability, which is said to be discovered by him within a day of Studio’s launch. He looked for the flaw and even tried it on a friend’s account. According to Gizmodothe micro-blogging site has identified the flaw and fixed it. Twitter has reportedly paid around $5,000 to Prakash for his research. ALSO READ:  Tesla chief Elon Musk announces exit from Donald Trump’s advisory council in a post on Twitter Also Read - After Bill Gates, Jeff Bezos, Jack Dorsey; will Mark Zuckerberg be next to leave his company?

It is said that none of the accounts were jeopardized before the tool was made available to a large number of users. Twitter made the Studio tool available to a limited number of whitelisted users and the bug was fixed within 24 hours of triage. “This bug was patched immediately after being triaged and no evidence was found of the flaw being exploited by anyone other than the reporter,” wrote Twitter.

In other news, the micro-blogging website has now introduced a new feature to Direct Messages (DMs), which now filters DMs from unknown followers or accounts you don’t recognize. Prior to this, Twitter had also launched a customizable Direct Message Card for business accounts promote and share bots and other customer experiences via DMs.

For the latest tech news across the world, latest PC and Mobile games, tips & tricks, top-notch gadget reviews of most exciting releases follow BGR India’s Facebook, Twitter, subscribe our YouTube Channel. Also follow us on  Facebook Messenger for latest updates.
  • Published Date: June 7, 2017 1:48 PM IST

new arrivals in india

Best Sellers