CYBER NEWS

Twitter Android Version Patched To Prevent Unauthorized Data Access

The Twitter development team announced that they have recently discovered and fixed a serious security issue in their Android client. They have found out that attackers could have used a malicious app in order to lookup private Twitter data using the Android system permissions. Apparently the main fault lied from within the way the Android operating system is designed and affects mainly OS version 8 and 9.




Twitter Fixes Their Android Version After Critical Data Leakage Hack Method Was Discovered

The Twitter security today alerted site visitors that have installed the Android client about a new security issue which has been detected. According to their public notice the fault affects mainly Android 8 and 9 and the larger part of Twitter Android users have already patched their devices to protect themselves. The underlying weakness was identified in the Android mobile operating system itself — an issue that allowed attackers to program a malicious app installed on the local device to hijack sensitive Twitter data. The way Android works is by giving up the requested information according to the permissions levels which have been granted to a given app by the system. It appears that the potential attackers could have bypassed some of the security checks and allowed a specially programmed malware app to do that. What we know is that this can potentially work with direct messages.

Related: [wplinkpreview url=”https://sensorstechforum.com/295-malicious-chrome-extensions/ “] 295 Malicious Chrome Extensions Installed by 80M Users

At this moment there have been no reported cases of abuse. However given the potentially enormous impact of a scenario when the Twitter client is abused the company has released an updated Android client through the Google Play Store which adds secondary security precautions. Users that might be impacted are required to update to the latest version. In addition in-app notices will be issued to them. Twitter for iOS is not impacted as the permissions levels are managed using a different approach.

Avatar

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...