Breaking News

SAMA Launches Exclusive Amazon Prime Day Deals on Flagship PC Cases and AIO Cooler Lineup Transcend Launches Ultra-Fast PCIe Gen5 SSD MTE260S Power Your World with DJI's New Portable Power Station Power 2000 G.SKILL CAMM2 DDR5 Memory Module Demonstrates DDR5-10000 Overclock Speed on ASUS Z890 Motherboard JCB Phone Launches New Rugged Smartphone Range to Power Global Expansion

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Security Firm Hacked Celebrity Accounts to Spur Twitter Fix

Security Firm Hacked Celebrity Accounts to Spur Twitter Fix

Enterprise & IT Dec 28,2018 0

Insinia Security hijacked the Twitter accounts of a number of celebrities, including Eamonn Holmes, Louis Theroux, Simon Calder, Saira Khan and many more, in order to expose alleged flaws in the service.

In a blog, the firm said it managed the feat by analysing the way Twitter handles messages posted by phone. Knowing a person's phone number could let attackers send messages from accounts they do not control, it said.

It recommends that Twitter users remove their phone number from their accounts as a precaution.

Other celebrities whose accounts it temporarily hijacked included the travel journalist Simon Calder and the TV presenter Saira Khan.

Insinia faced criticism for its latest attempt to publicise the issue, since the attack was done without any permission from the Twitter account owners. Although security firms commonly perform such "proof of concept" actions, they could be considered as a breach of the Computer Misuse Act.

Mike Godfrey, chief executive of Insinia, said his firm had only "passive interaction" with the Twitter accounts it targeted and denied it had broken the law.

"We have not had access to any Twitter account and have not seen any of their direct messages.

"There's nothing unethical or irresponsible about what we did."

Insinia reassured victims of its demonstration in a tweet saying "The user of this account has not lost access to it, no data compromised and is not under attack".

Inisina said it had managed to inject its messages onto the targeted accounts by analysing the way the social network interacted with smartphones when messages are sent.

Knowledge about this process, coupled with publicly available information on Twitter's text message policies and a target's phone number allowed the security firm to post messages that appeared to come from the account's real owner.

Inisina has called on Twitter to issue a fix saying the vulnerability could be exploited to send fake news or spread disinformation.

Additionally, it said, the shortcomings could be used to "send direct messages to trusted contacts in the victim's network to socially engineer people into clicking links that will install advanced malware to remotely control devices".

Anyone worried that they might fall victim to this kind of spoofing attack should remove their phone number from their Twitter account, it added.

Tags: TwitterHacking
Previous Post
Tesla Names Oracle's Ellison to Board, Ends SEC Charges
Next Post
Internet Outage Affected CenturyLink Customers

Related Posts

  • MSI has been hacked, be warned about where you download files

  • Elon Musk to Acquire Twitter

  • Hackers gain access to PS5 Debug Menu and show decrypted PS5 firmware files

  • HP Threat Research Shows Attackers Exploiting Zero‐Day Vulnerability Before Enterprises Can Patch

  • EA Gets hacked - 780GB of data and sourcecode stolen

  • Twitter Marks President Trump's Tweet With Tag Warning About "Violence"

  • Twitter's New Settings Let You Choose Who Can Reply to Your Tweet

  • European Supercomputers Researching Covid-19 Report Hacking Attacks

Latest News

SAMA Launches Exclusive Amazon Prime Day Deals on Flagship PC Cases and AIO Cooler Lineup
Cooling Systems

SAMA Launches Exclusive Amazon Prime Day Deals on Flagship PC Cases and AIO Cooler Lineup

Transcend Launches Ultra-Fast PCIe Gen5 SSD MTE260S
PC components

Transcend Launches Ultra-Fast PCIe Gen5 SSD MTE260S

Power Your World with DJI's New Portable Power Station Power 2000
Consumer Electronics

Power Your World with DJI's New Portable Power Station Power 2000

G.SKILL CAMM2 DDR5 Memory Module Demonstrates DDR5-10000 Overclock Speed on ASUS Z890 Motherboard
PC components

G.SKILL CAMM2 DDR5 Memory Module Demonstrates DDR5-10000 Overclock Speed on ASUS Z890 Motherboard

JCB Phone Launches New Rugged Smartphone Range to Power Global Expansion
Smartphones

JCB Phone Launches New Rugged Smartphone Range to Power Global Expansion

Popular Reviews

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

Arctic Liquid Freezer III 420 - 360

Arctic Liquid Freezer III 420 - 360

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Soundpeats Pop Clip

Soundpeats Pop Clip

Noctua NH-D15 G2

Noctua NH-D15 G2

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

Crucial T705 2TB NVME White

Crucial T705 2TB NVME White

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed