Bengaluru: Twitter said it has fixed a vulnerability within its app for Android that could have allowed a bad actor to see non-public account information or control its users account such as sending Tweets or Direct Messages. Twitter, in a blogpost on Saturday night, said prior to the fix, through a complicated process involving the insertion of malicious code into restricted storage areas of the Twitter app, it may have been possible for a bad actor to access information including Direct Messages, protected Tweets, location information from the app.
“We don’t have evidence that malicious code was inserted into the app or that this vulnerability was exploited, but we can’t be completely sure so we are taking extra caution,” it said. Twitter said the company has taken steps to fix this issue and are directly notifying people who could have been exposed to this vulnerability either through the Twitter app or by email with specific instructions to keep them safe.
The company declined to comment on whether Indian users were affected by the vulnerability.
Nine out of ten users in India use a smartphone that runs on Google’s Android platform.
“We are not able to comment on the locations of those affected,” it said.
It asked users to update to the latest version of Twitter for Android. It added that the issue did not impact Twitter for iOS.
“We’re sorry this happened and will keep working to keep your information secure on Twitter. You can reach out to our Office of Data Protection through this form to request information regarding your account security,” it said.
Source: Economic Times
