Hackers increased the trouble of Twitter, if you also use Twitter, then be careful, according to a report, data of millions of Twitter users is being auctioned. In fact, due to a flaw in Twitter’s database, hackers gained access to the personal data of 5.4 million (5.4 million) users.
Now hackers are selling this data on the hacked forum for $ 30,000 i.e. about 23.96 lakh rupees. Twitter has not yet commented on the entire matter. Learn about the case in detail….
Twitter owner paid tribute to those who found this bug
The researcher who discovered the bug wrote in his post, “The flaw allows either party to obtain any user’s Twitter ID (which is equivalent to obtaining an account’s username) without authentication, regardless of whether the user have access to privacy.” This action may be restricted in the settings.
The bug exists because of the authorization process used in Twitter’s Android client, specifically in the process of checking for duplicate Twitter accounts.” In the post, the user also explained how the flaw could be replicated. It acknowledged the vulnerability as a “legitimate security issue” and offered a reward of $5040 (Rs 4.02 lakh) to the researcher.
hacker took advantages of this flaw
Then the micro-blogging platform corrected the error. However, a hacker took advantage of this loophole when he was active on Twitter and is now demanding $30,000 (approximately Rs 23.96 lakh) to give access to the database. As reported by Restore Privacy (via 9To5 Mac), the hacker is selling Twitter databases on the breached forum.
The report also states that posts with the username “devil” are still live on the platform. The malicious hacker also shared sample data from the database on the breached forum, which has been independently verified by the publication. However, Twitter has not commented on this yet.
January 2022, researcher found the flaw
HackerOne reported in January this year that a flaw in Twitter put users’ personal data at risk, including phone numbers and email addresses. Due to this flaw, millions of users are being threatened and anyone can access it. According to the report, through this flaw, anyone’s phone number or email address can be entered and their Twitter ID can be searched. The concern is that these details can be accessed even if the user has enabled the privacy settings to hide these details publicly.