Twitter app bug exploited to match 17 million phone numbers with users

By: Tech Desk | New Delhi | Published: December 28, 2019 12:09:42 pm


A security researcher exploited a bug in Twitter’s Android app to match close to 17 million mobile numbers to their respective user accounts on the platform. Ibrahim Balic told TechCrunch that he was able to match phone numbers to users in Israel, Turkey, Iran, Greece, Armenia, France and Germany over a two-month period.


Many phone numbers that Balic accessed reportedly belonged to politicians and other high-profile officials. Though Balic did not reveal the bug to Twitter, he warned some users directly. On December 20, Twitter blocked his efforts after it learned about the bug.


A Twitter spokesperson told the website that the company is working to ensure the bug in its Android app cannot be exploited again. Meanwhile, it has suspended the accounts that were used to access people’s personal information without consent.


Twitter’s contact upload feature did not allow Balic to access lists of phone numbers in sequential format, so he generated over two billion phone numbers one after the other, randomised them, and uploaded them to Twitter’s Android app to match them with Twitter accounts.
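
An added illustration from the defender's side, not code from Twitter or from the original report: a per-upload check for sequential numbers (an assumed form of the restriction described above) does not notice a shuffled range, while a per-account cap on distinct numbers looked up does. All names, the threshold, the cap and the phone numbers are constructed for the example.

```python
import random
from collections import defaultdict

def looks_sequential(numbers, threshold=0.8):
    """Per-upload check (assumed): most neighbours differ by exactly 1."""
    if len(numbers) < 2:
        return False
    steps = sum(1 for a, b in zip(numbers, numbers[1:]) if b - a == 1)
    return steps / (len(numbers) - 1) >= threshold

class UploadBudget:
    """Per-account check: cap the distinct numbers looked up over all uploads."""
    def __init__(self, max_distinct):
        self.max_distinct = max_distinct
        self.seen = defaultdict(set)

    def allow(self, account, numbers):
        seen = self.seen[account]
        if len(seen | set(numbers)) > self.max_distinct:
            return False              # reject the batch, record nothing
        seen.update(numbers)
        return True

def run(batches, max_distinct):
    """Count batches passing the sequential check alone, and both checks."""
    budget = UploadBudget(max_distinct)
    passed_seq = passed_both = 0
    for account, numbers in batches:
        if looks_sequential(numbers):
            continue
        passed_seq += 1
        if budget.allow(account, numbers):
            passed_both += 1
    return passed_seq, passed_both

def demo():
    # Constructed data: 1,000 consecutive numbers in a made-up range,
    # shuffled and uploaded by one account in ten batches of 100.
    block = [5_550_000_000 + i for i in range(1000)]
    random.Random(7).shuffle(block)
    batches = [("acct-1", block[i:i + 100]) for i in range(0, 1000, 100)]
    return run(batches, max_distinct=300)

if __name__ == "__main__":
    print(demo())
```

The cap is the control that matters here: it tracks what one account has looked up over time, which ordering tricks inside a single upload cannot change.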


He also provided TechCrunch with a sample of the phone numbers he matched, one of which the website was able to identify as belonging to a senior Israeli politician. “Using the ..
