Tuesday, January 26, 03:52
Home security Hackers Abuse Twitter API: Many users were affected

Hackers Abuse Twitter API: Many users were affected

TwitterThe Twitter revealed yesterday that someone exploited The official API of company (Application Programming Interface) to be able to match phone numbers to usernames of its users platform.

Twitter was informed of the security incident by one report who posted it website TechCrunch. According to the report, the API was exploited on December 24, 2019. According to the report, a researcher security abused the official Twitter API to match 17 million phone numbers with public usernames.

Twitter says that as soon as it learned about the incident, it took action and immediately closed a large network of fake accounts used for this purpose.

The social networking platform also revealed that it was conducting further research and discovered that there were others exploiting the API, in addition to the security researcher mentioned by TechCrunch.

Twitter did not specify who misused the API, but stated that some of the IPs used in attempts to exploit the API were related to state hacking groups (either governmental services information or hacking groups that are simply supported by governments).

 The Twitter API error exploited by hackers

According to Twitter, the attackers exploited a legitimate one Endpoint API allowing new account holders to find people on platform of social network. The API endpoint allows users submit phone numbers and match them with bills.

According to the platform, not all users were affected but only those who had opted in settings the option to pair by phone number.

"People who have not enabled this setting or do not have a phone number linked to their account have not been affected by this vulnerability," Twitter said.

The platform said that fixed the error immediately making a number of changes to this endpoint so that no other user is affected.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

00:02:40

COVID-19 vaccines: Ways to protect supply chains

The development of vaccines for COVID-19 in such a short period of time has created many challenges and these are not only related to ...
00:02:17

How do insurance companies "enhance" ransomware attacks?

Ransomware attacks have increased significantly, with experts warning that their victims should not pay ransom to hackers ....

Russia: "US may be planning retaliation for SolarWinds hack"!

The Russian government warns the country's organizations about possible cyber attacks that the US may carry out, as "retaliation" for the hack ...

iPhone: How to see which apps have access to your contacts

Some iPhone privacy issues go deeper than accessing your contacts list, which exposes your contacts to ...

COVID-19: Google makes vaccination clinics available

Google CEO Sundar Pichai said Monday that the company will make its facilities available to become clinics ...

Netflix offers "studio quality" audio upgrade on Android

Do not be surprised if Netflix sounds better the next time you run a marathon with rows on your Android phone ...

Will Bitcoin return to $ 40.000? There is concern!

Bitcoin lovers who take his return above the level of $ 40.000 for granted have been worried because the demand ...

Avaddon ransomware: Its operators threaten with DDoS attacks to get ransom!

Lately, more and more ransomware gangs tend to threaten their targets with DDoS attacks in order to secure profits ....

Volunteer firefighters will be trained through VR simulation

Volunteer firefighters in the Australian state of Victoria will soon have access to the virtual reality (VR) training that will be available in ...

Tesla: Accuses its former employee of stealing her confidential data!

On January 23, Tesla sued former employee Alex Khatilov for stealing 26.000 confidential documents, including trade secrets. The software ...