Twitter discloses Android app flaw that could allow account takeovers

By

Urges users to update.

Twitter is urging users of its Android app to update to the latest version, which it says fixes a vulnerability that could have allowed an attacker to hijack accounts.

Twitter discloses Android app flaw that could allow account takeovers

The social media company said in a blog post the vulnerability "could allow a bad actor to see nonpublic account information or to control your account".

"Prior to the fix, through a complicated process involving the insertion of malicious code into restricted storage areas of the Twitter app, it may have been possible for a bad actor to access information (e.g. direct messages, protected tweets, location information) from the app," it said.

“We don’t have evidence that malicious code was inserted into the app or that this vulnerability was exploited, but we can’t be completely sure so we are taking extra caution,” Twitter said.

“We have taken steps to fix this issue and are directly notifying people who could have been exposed to this vulnerability either through the Twitter app or by email with specific instructions to keep them safe. 

“These instructions vary based on what versions of Android and Twitter for Android people are using. 

“We recommend that people follow these instructions as soon as possible.”

The company provided more details of fixes via support accounts on the platform itself.

“To provide more detail, this issue was fixed in Twitter for Android version 7.93.4 (released Nov. 4, 2019 for KitKat) as well as version 8.18 (released Oct. 21, 2019 for Lollipop and newer),” it said.

“Twitter for Android is no longer supported on Android OS versions older than KitKat.”

The vulnerability did not impact the iOS app.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Government will make digital ID voluntary

Government will make digital ID voluntary

"Unpatchable" vulnerability found in Apple's silicon

"Unpatchable" vulnerability found in Apple's silicon

Australian gov backs election system security after "highly likely" UK compromise

Australian gov backs election system security after "highly likely" UK compromise

Cyber Security NSW sees better ways to improve council security than audits

Cyber Security NSW sees better ways to improve council security than audits

Log In

  |  Forgot your password?