Wednesday, December 5, 2012

Researcher disclosed information about spoofing attack in Twitter


The owners of the accounts linked to mobile numbers without the PIN code are at risk of being compromised.

According to an independent security researcher Jonathan Rudenberg, users of Twitter, whose settings 'SMS-tweets' at the moment are open, are at risk of being compromised.

According to the expert, the information contained in the software social network vulnerability is that the service does not properly check the permissions of fake mobile numbers to the settings of the user account. Such a way, a remote attacker who knows the phone number of the victim, may conduct spoofing attack and take control over another microblog.

"To carry out an attack is enough to know the phone number attached to the user account. In this case, hackers can send messages with a fake number, "- said the expert.

Rudenberg also said that Twitter developers were notified of the presence of gaps in August of this year. Since then, however, they no effort to eliminate the threat.


At the moment, the administration did not comment on Twitter statement researcher. At the same time, he assured the judge that in order to protect themselves from hacking, it suffices to check the PIN code the phone.

Links:
http://www.informationweek.com/.../twitter-users-vulnerable-to-sms-spoofing/240143707

No comments:

Post a Comment