Malicious actors have used a bug to access the personal contact details of Twitter users, with “a particularly high volume of requests coming from individual IP addresses located within Iran, Israel, and Malaysia,” the popular social network announced on Monday.
Twitter said it became aware “that someone was using a large network of fake accounts to exploit our API and match usernames to phone numbers,” meaning that an API intended to match uploaded phone numbers to accounts was being driven at scale to tie users’ private contact details to their identities.
Last month, technology news website TechCrunch reported that security researcher Ibrahim Balic had discovered the bug and had “matched 17 million phone numbers to Twitter user accounts by exploiting a flaw in Twitter’s Android app.”
Using data from Balic, TechCrunch reported that “in one case” it “was able to identify a senior Israeli politician using their matched phone number,” and that Balic had managed to access and identify the private contact details of a number of users, “including politicians and officials.”
“We recently discovered an issue that allowed bad actors to match a specific phone number with the corresponding accounts on Twitter. We quickly corrected this issue and are sorry this happened. You can learn more about our investigation here: https://privacy.twitter.com/blog/2020/an-incident-impacting-your-account-identity” (Twitter, 10:01 PM, Feb 3, 2020; linked post: “An Incident Impacting your Account Identity,” privacy.twitter.com)
According to Twitter, some of those exploiting the vulnerability before it was patched may have been state-sponsored actors.
“While we identified accounts located in a wide range of countries engaging in these behaviors, we observed a particularly high volume of requests coming from individual IP addresses located within Iran, Israel, and Malaysia,” Twitter said in a statement. “It is possible that some of these IP addresses may have ties to state-sponsored actors. We are disclosing this out of an abundance of caution and as a matter of principle.”
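The abuse pattern Twitter describes, many accounts driving a contact-matching API with a high volume of requests from a small number of source IPs, is something a defender can look for in API access logs. The following is an added example, not Twitter’s code and not from the article: the log format, field names and thresholds are assumptions, and the log lines are constructed for illustration.

```python
"""Flag phone-number enumeration through a contact-matching API.

Added example, not Twitter's code. The log format (timestamp, client IP,
requesting account, numbers uploaded, numbers matched) and the thresholds
are assumptions made for illustration.
"""
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed sample log lines (not real Twitter logs). Each line:
# <timestamp> <client_ip> <account_id> <numbers_uploaded> <numbers_matched>
# 203.0.113.7: two ordinary users syncing modest address books.
# 198.51.100.23: eight accounts from one IP, each uploading a 500-number batch.
# 192.0.2.44: a single account probing 2,000 numbers with very few hits.
SAMPLE_LOG = """\
2020-01-10T10:00:01Z 203.0.113.7 acct_1001 38 12
2020-01-10T10:00:09Z 203.0.113.7 acct_1002 120 41
2020-01-10T10:00:02Z 198.51.100.23 acct_2001 500 173
2020-01-10T10:00:03Z 198.51.100.23 acct_2002 500 181
2020-01-10T10:00:03Z 198.51.100.23 acct_2003 500 169
2020-01-10T10:00:04Z 198.51.100.23 acct_2004 500 177
2020-01-10T10:00:04Z 198.51.100.23 acct_2005 500 164
2020-01-10T10:00:05Z 198.51.100.23 acct_2006 500 180
2020-01-10T10:00:05Z 198.51.100.23 acct_2007 500 171
2020-01-10T10:00:06Z 198.51.100.23 acct_2008 500 175
2020-01-10T10:00:07Z 192.0.2.44 acct_3001 2000 7
"""


@dataclass
class IpStats:
    """Per-source-IP counters over the analysed window."""
    requests: int = 0
    accounts: set = field(default_factory=set)
    uploaded: int = 0
    matched: int = 0


def parse_line(line):
    """Split one assumed-format log line into typed fields."""
    ts, ip, account, uploaded, matched = line.split()
    return ts, ip, account, int(uploaded), int(matched)


def aggregate_by_ip(log_text):
    """Roll the log up per client IP: request count, distinct accounts,
    numbers uploaded and numbers matched."""
    stats = defaultdict(IpStats)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _, ip, account, uploaded, matched = parse_line(line)
        s = stats[ip]
        s.requests += 1
        s.accounts.add(account)
        s.uploaded += uploaded
        s.matched += matched
    return dict(stats)


def flag_enumeration(stats, max_accounts_per_ip=5, max_numbers_per_ip=1000):
    """Return {ip: [reasons]} for IPs whose behaviour looks like enumeration.

    Two signals, both visible in the article's description of the abuse:
    many distinct accounts behind one IP (a fake-account network), and a
    volume of uploaded numbers no single address book would explain.
    Thresholds are illustrative assumptions, not tuned values.
    """
    findings = {}
    for ip, s in stats.items():
        reasons = []
        if len(s.accounts) >= max_accounts_per_ip:
            reasons.append(f"{len(s.accounts)} distinct accounts from one IP")
        if s.uploaded >= max_numbers_per_ip:
            reasons.append(f"{s.uploaded} numbers uploaded from one IP")
        if reasons:
            findings[ip] = reasons
    return findings


if __name__ == "__main__":
    for ip, reasons in sorted(flag_enumeration(aggregate_by_ip(SAMPLE_LOG)).items()):
        print(ip, "->", "; ".join(reasons))
```

The account fan-out rule catches the fake-account network; the volume rule also catches a lone account walking a large number space, at the cost of occasionally flagging a genuine user with a very large address book, so in practice the volume threshold would be applied per time window and combined with the match rate rather than used alone.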
Israel’s spyware industry has come under increasing scrutiny in recent years. In December, officials in Cyprus announced that they were looking to question Israeli spy-tech CEO Tal Dilian regarding a “spy van” equipped with sophisticated surveillance technology that he had developed and brought to the Mediterranean country.
Last month, Reuters reported that the FBI was investigating Israeli spyware firm NSO over suspicions its products were used to hack American citizens’ phones and spy on foreign governments.
Sources familiar with the investigation said the probe was attempting to look at whether NSO products were being used to gain access to phones belonging to Americans and whether any foreign nations were using tools to spy on US government officials or those of allies. The investigation, which may not be solely focused on NSO, has been ongoing since 2017, according to Reuters.
The Herzliya-based firm is best known for marketing Pegasus, a highly invasive tool that can reportedly switch on a target’s cellphone camera and microphone and access data, effectively turning the phone into a pocket spy.
The company says it provides its software to governments for the sole purpose of fighting terrorism and crime. But dissidents, journalists and other opposition figures have repeatedly claimed the company’s technology has been used by repressive governments to spy on them. NSO claims its software cannot be used on US numbers, but according to Reuters, the FBI is investigating whether the company obtained code from American hackers to infect smartphones.
In October, WhatsApp parent company Facebook filed suit in the US against NSO Group, accusing it of using the hugely popular instant messaging platform to conduct cyberespionage on nearly 1,400 journalists, diplomats, dissidents and human rights activists worldwide.
The spyware has also been implicated in the gruesome killing of Saudi journalist Jamal Khashoggi, who was dismembered in the Saudi consulate in Istanbul in 2018. It is also said to be behind a campaign to compromise proponents of a soda tax in Mexico and an effort to hack into the phone of an Arab dissident which prompted an update to Apple’s operating system.