Twitter issues emergency security patch for Android

Android users told to update app after discovery of serious vulnerability

If you use Twitter for Android, pick up your phone and update the app – the company has just issued a patch for a particularly dangerous flaw.

Twitter admitted in a blog post that it had spotted a nasty vulnerability that could let hackers see private account information or take over your feed to send Tweets or Direct messages. A patch is already being pushed out, and there's no evidence the flaw had been spotted or used in the wild.

Advertisement - Article continues below

Twitter said that making use of the flaw would have involved a "complicated process" that required inserting malicious code into restricted storage areas of the app, but admitted it may have been possible.

"We don’t have evidence that malicious code was inserted into the app or that this vulnerability was exploited, but we can’t be completely sure so we are taking extra caution," the company said.

Alongside patching the flaw, the company said it would directly contact anyone exposed to the flaw, either via the app or by email, with instructions on how to keep their accounts safe. "We recommend that people follow these instructions as soon as possible," the company said. "If you are unsure about what to do, update to the latest version of Twitter for Android."

The app can be updated via the Play Store on Android. Twitter said the iOS version of the app was not affected by the flaw.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

For anyone wanting more information, Twitter has a form to request information about your account and security. "We’re sorry this happened and will keep working to keep your information secure on Twitter," the post added.

The security flaw comes as the company purged 88,000 accounts that were used as part of a "significant state-backed information operation on Twitter originating in Saudi Arabia". The spam accounts were spreading pro-Saudi propaganda via a variety of platform manipulation techniques, such as aggressive liking, Twitter said. The campaign was coordinated by a Saudi marketing company, Smaat, which has been banned permanently from Twitter.

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement

Most Popular

Visit/security/privacy/355155/zoom-kills-facebook-integration-after-data-transfer-backlash
privacy

Zoom kills Facebook integration after data transfer backlash

30 Mar 2020
Visit/security/data-breaches/355173/marriott-hit-by-data-breach-exposing-personal-data-of-52-million
data breaches

Marriott data breach exposes personal data of 5.2 million guests

31 Mar 2020
Visit/security/cyber-crime/355171/fbi-warns-of-zoom-bombing-hackers-amidst-coronavirus-usage-spike
cyber crime

FBI warns of ‘Zoom-bombing’ hackers amid coronavirus usage spike

31 Mar 2020
Visit/data-insights/data-management/355170/oracle-cloud-courses-are-free-during-coronavirus-lockdown
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020