On Friday, Twitter confirmed a zero-day vulnerability that allowed a bad actor to find email addresses and phone numbers associated with several, to be exact, 5.4 million Twitter accounts. And the data is said to be currently on sale.
Twitter says it fixed the bug in January when it first learned about the vulnerability through its bug bounty program, but the hacker was fast enough to exploit the system before Twitter was able to issue a patch.
The vulnerability resulted from a code update pushed in July 2021, which did not get fixed until January 2022, giving attackers enough time to exploit it. However, Twitter says that it “had no evidence to suggest someone had taken advantage of the vulnerability” when it discovered the flaw.
Twitter’s zero-day vulnerability allowed anyone to fetch anyone’s username through an email address or phone number. BleepingComputer reports that a bad actor managed to exploit this vulnerability to compile usernames of around 5.4 million accounts on Twitter and is currently selling the data on a stolen data marketplace for $30,000.
Twitter says that the vulnerability posed a “serious threat” to users with pseudonymous accounts, and could be used to detail “a big chunk of the Twitter user base.” However, it did not reveal how many accounts have been compromised because of this vulnerability. The micro-blogging platform says that it will be notifying the affected users directly but it does not seem to know of every account impacted.
How could you save yourself from such attacks in future? Well, it is highly advised to enable 2FA authentication. Further, Twitter advises using a private email address or phone number with your pseudonymous accounts.
FacebookTwitterInstagramKOO APPYOUTUBE
!(function(f, b, e, v, n, t, s) {
window.TimesApps = window.TimesApps || {};
const { TimesApps } = window;
TimesApps.loadFBEvents = function() {
(function(f, b, e, v, n, t, s) {
if (f.fbq) return;
n = f.fbq = function() {
n.callMethod ? n.callMethod(…arguments) : n.queue.push(arguments);
};
if (!f._fbq) f._fbq = n;
n.push = n;
n.loaded = !0;
n.version = ‘2.0’;
n.queue = [];
t = b.createElement(e);
t.async = !0;
t.src = v;
s = b.getElementsByTagName(e)[0];
s.parentNode.insertBefore(t, s);
})(f, b, e, v, n, t, s);
fbq(‘init’, ‘593671331875494’);
fbq(‘track’, ‘PageView’);
};
})(
window,
document,
‘script’,
‘https://connect.facebook.net/en_US/fbevents.js’,
);if(typeof window !== ‘undefined’) {
window.TimesApps = window.TimesApps || {};
const { TimesApps } = window;
TimesApps.loadScriptsOnceAdsReady = () => {
var scripts = [
‘https://static.clmbtech.com/ad/commons/js/2658/toi/colombia_v2.js’ ,
‘https://www.googletagmanager.com/gtag/js?id=AW-877820074’,
‘https://imasdk.googleapis.com/js/sdkloader/ima3.js’,
‘https://tvid.in/sdk/loader.js’,
‘https://timesofindia.indiatimes.com/video_comscore_api/version-3.cms’,
‘https://timesofindia.indiatimes.com/grxpushnotification_js/minify-1,version-1.cms’,
‘https://connect.facebook.net/en_US/sdk.js#version=v10.0&xfbml=true’,
‘https://timesofindia.indiatimes.com/locateservice_js/minify-1,version-14.cms’
];
scripts.forEach(function(url) {
let script = document.createElement(‘script’);
script.type=”text/javascript”;
if(!false && !false && !false && url.indexOf(‘colombia_v2’)!== -1){
script.src = url;
} else if (!false && !false && !false && url.indexOf(‘sdkloader’)!== -1) {
script.src = url;
} else if (!false && (url.indexOf(‘tvid.in/sdk’) !== -1 || url.indexOf(‘connect.facebook.net’) !== -1)) {
script.src = url;
} else if (url.indexOf(‘colombia_v2’)== -1 && url.indexOf(‘sdkloader’)== -1 && url.indexOf(‘tvid.in/sdk’)== -1 && url.indexOf(‘connect.facebook.net’) == -1){
script.src = url;
}
script.async = true;
document.body.appendChild(script);
});
}
}
More News
Samsung Galaxy A35 5G, Galaxy A55 5G price revealed – Times of India
iQoo Z9 Turbo new leak reveals key specifications: All the details – Times of India
Samsung Galaxy A55 vs Vivo V30 Pro: How the two affordable premium Android phones compare – Times of India