A Twitter bug allowed hackers to take control of user accounts

The bug was quickly fixed by Twitter.

    Apparently, Twitter's media sharing tool, the Twitter Ad Studio had a bug, which allowed hackers to tweet from other accounts and even delete photos and videos from their feed without having to crack their passwords. What's more, the users won't even come to know that their Twitter accounts have been infringed.

    A Twitter bug allowed hackers to take control of user accounts

    The micro-blogging site introduced the Studio tool back in September 2016, in order to let publications post videos from desktops more conveniently. However, some researchers have found a huge loophole in Twitter's product and its security protocols. Twitter was quick to acknowledge the problem by stating, "By sharing media with a victim user and then modifying the post request with the victim's account ID the media in question would be posted from the victim's account."

    Courtesy of a blog post published by Anand Prakash, the bug came into light. The blog post has explained the issue briefly and he is said to have discovered the next day of Studio's launch. After finding the flaw, he tried it on someone's account. However, you don't have to get worried about it.

    As a report by Gizmodo, Twitter has already taken necessary steps to fix the bug. Prakash was even paid around $5,000 by the social network platform for bringing the issue to their notice.

    None of the Twitter accounts was affected by the bug since the tool was made available to a limited number of whitelisted users initially. So by the time the Studio tool reached more number of people, the bug was already fixed by Twitter.

    "This bug was patched immediately after being triaged and no evidence was found of the flaw being exploited by anyone other than the reporter," added Twitter.

    Read More About: Twitter news social media
    X

    Stay updated with latest technology news & gadget reviews - Gizbot

    We use cookies to ensure that we give you the best experience on our website. This includes cookies from third party social media websites and ad networks. Such third party cookies may track your use on Gizbot sites for better rendering. Our partners use cookies to ensure we show you advertising that is relevant to you. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on Gizbot website. However, you can change your cookie settings at any time. Learn more