Skip to main content

Before Twitter Patch, Private Messages May Have Been Vulnerable

By August 22, 2020May 5th, 2022Cybersecurity

If you’re a Twitter user, you should know that the company recently announced that they had addressed a serious security flaw that could have allowed hackers to gain direct access to Direct or Private Messages users sent via Twitter.

If you seldom use that feature, then the impact to you would have been minimal in any case. If it’s something you use on a regular basis, then breathe a sigh of relief.

The company had this to say about the issue:

“We recently discovered and fixed a vulnerability in Twitter for Android related to an underlying Android OS security issue affecting OS versions 8 and 9. Our understanding is 96 percent of people using Twitter for Android already have an Android security patch installed that protects them from this vulnerability.

For the other 4 percent, this vulnerability could allow an attacker, through a malicious app installed on your device, to access private Twitter data on your device (like Direct Messages) by working around Android system permissions that protect against this.”

The company stressed that there’s no evidence this security flaw was ever exploited in the wild, and again, there’s nothing for you, as a Twitter user to do. The company has already handled it.

The discovery of the flaw though, comes on the heels of another recent, dramatic Twitter hack. In that hack, dozens of user accounts belonging to high-profile individuals were commandeered and used to bilk unsuspecting users out of more than $120,000 worth of Bitcoins.

If history is a good guide, and it usually is, this won’t be the last major security flaw the company finds and addresses in what remains of the year. Nonetheless, kudos to Twitter for finding the flaw and acting quickly to correct it before it could be exploited. Here’s hoping they can continue to find and correct them before the hackers can take advantage.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.