Thursday, May 25, 2017
Home / Security / Exploits / Twitter SMS Spoof exploit allow hackers to tweet via other accounts

Twitter SMS Spoof exploit allow hackers to tweet via other accounts

Twitter users who post tweets to their feeds via SMS could be vulnerable to a security flaw, according to Jonathan Rudenberg.

Rudenberg posted on his blog yesterday about an SMS vulnerability he came across in Twitter that allows anybody who’s knowledge of someone’s mobile number to post tweets to that individuals feed.

Twitter’s issue is that it automatically admits tweets from an originating address “implicitly,” according to Rudenberg. Additionally, in some countries, Twitter doesn’t support short codes, which ensure content is carried only over one carrier’s network and not between two operator services.

In order for the exposure to be exploited, victims must have SMS tweeting authorized on their accounts. From there, the attacker needs to spoof their actual mobile number through an SMS gateway.

Twitter has not responded to these claims yet.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …