Twitter is one of the finest platforms to share your message. Similarly, it’s one of the few platforms that’s actively being targeted by attackers to gain control or account details of celebs. Just recently, Twitter revealed that one of its API regarding the search matching was exploited by few attacks who are believed to be sponsored by states.
Vulnerable only if enabled
The API Twitter reported is about finding specific accounts through their phone numbers or email addresses via a simple search. This is possible for those who’ve enabled the Let people who have your phone number find you on the Twitter option in settings. Further, people who have their phone numbers associated with Twitter could be vulnerable too. This can lead attackers to match accounts with their phone numbers of several suspects, thus revealing their identities.
But Twitter responded to this immediately and corrected. It said,
“During our investigation, we discovered additional accounts that we believe may have been exploiting this same API endpoint beyond its intended use case. While we identified accounts located in a wide range of countries engaging in these behaviours, we observed a particularly high volume of requests coming from individual IP addresses located within Iran, Israel, and Malaysia. It is possible that some of these IP addresses may have ties to state-sponsored actors.”
As Twitter is a popular platform for serious people to raise a voice, rights activists and protestors create pseudonyms accounts for questioning authorities. To which, governments and other organizations try finding those dissidents by either demanding Twitter to reveal or exploiting such vulnerable APIs.
As suppression is all they wanted, Twitter was previously in news regarding two of its ex-employees being accused of relating to Saudi Arabian government and snooping on political dissidents. Further, popular messenger application WhatsApp too was exploited by such state-sponsored attackers to track activists recently.