September 5, 2019

Twitter nixes tweets by text after CEO account hack

Twitter has suspended tweeting via text after CEO Jack Dorsey, pictured in November 2018, fell victim to a "SIM swap"
Twitter has suspended tweeting via text after CEO Jack Dorsey, pictured in November 2018, fell victim to a "SIM swap" hack

Twitter on Wednesday halted users' ability to fire off tweets via text messages as it seeks to fix a vulnerability that led to CEO Jack Dorsey's account being hijacked.

Dorsey last week was the target of so-called "SIM swap" fraud, which enables a hacker to trick a into transferring a number—potentially causing people to lose control not only of , but and other .

This type of attack targets a weakness in the use of "" via text message to validate access to an account, a break-in method that has grown popular in recent years.

"We're temporarily turning off the ability to Tweet via SMS, or text message, to protect people's accounts," the Twitter support team wrote on the platform.

"We're taking this step because of vulnerabilities that need to be addressed by mobile carriers and our reliance on having a linked phone number for two-factor authentication."

The San Francisco-based service added that as it works on a long-term solution to the problem, tweeting via eventually will be turned back on in markets where users rely on that technique.

Even with considerable security precautions in place, Dorsey became the victim of the embarrassing compromise when attackers hijacked his phone number and took control of his Twitter account.

Dorsey's account was restored after a brief period during which the attackers posted a series of offensive tweets.

Some analysts say hackers have found ways to easily get enough information to convince a telecom carrier to transfer a number to a fraudster's account, especially after hacks of large databases that result in personal data sold on the so-called "dark web."

"Mobile accounts' text messages can be hijacked by sophisticated hardware techniques, but also by so-called 'social engineering'—convincing a mobile provider to migrate your account to another, unauthorized phone," said R. David Edelman, a former White House adviser who heads a cybersecurity research center at the Massachusetts Institute of Technology.

"It only takes a few minutes of confusion to make mischief like Dorsey experienced."

© 2019 AFP

Citation: Twitter nixes tweets by text after CEO account hack (2019, September 5) retrieved 24 April 2024 from https://techxplore.com/news/2019-09-twitter-nixes-tweets-text-ceo.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Explore further

Twitter CEO hack highlights dangers of 'SIM swap' fraud
3 shares

Feedback to editors
High-energy-density capacitors with 2D nanomaterials could significantly enhance energy storage

6 hours ago
Study shows potential of super grids when hurricanes overshadow solar panels

7 hours ago
Rubber-like stretchable energy storage device fabricated with laser precision

7 hours ago
On the trail of deepfakes, researchers identify 'fingerprints' of AI-generated video

7 hours ago
New tech could help traveling VR gamers experience 'ludicrous speed' without motion sickness

9 hours ago
Why can't robots outrun animals?

9 hours ago
Virtual sensors help aerial vehicles stay aloft when rotors fail

10 hours ago
New insights lead to better next-gen solar cells

10 hours ago
Scientists pioneer new X-ray microscopy method for data analysis 'on the fly'

10 hours ago
Going with the flow: Research dives into electrodes on energy storage batteries

10 hours ago
Load comments (1)