Iranian hackers behind Twitter identity theft?
Hackers have been exploiting a bug in Twitter social media to unveil the identity of users through the discovery of their phone numbers.
Today, Twitter declared in a report that hackers have been taking advantage of a feature in the social media app to uncover the identity of users by correlating them to their phone numbers.
The hack began on December 24, 2019. Twitter suspended accounts that were engaged in this kind of activity, but it is not yet clear whether the activities belonged to a single group or several actors were involved.
The bad news is, the hackers have been able to use this method to link 17 million accounts to their corresponding phone numbers. This means that an important step has been taken to discover the real identities of these users.Twitter declared, “After our investigation, we immediately made a number of changes to this endpoint so that it could no longer return specific account names in response to queries. Additionally, we suspended any account we believe to have been exploiting this endpoint.”
According to Twitter, only users who had enabled the “Let people who have your phone number find you on Twitter” option and who have a phone number associated with their Twitter account are affected by this bug. People who did not have this setting enabled or do not have a phone number associated with their account were not exposed by this vulnerability.
Who was behind the hack?
Twitter has not declared the identities of the hackers, but says that their IPs were from Iran, Malaysia and Israel. This is what the official news is, but if we connect the dots, we can find further information. In 2016, several independent researchers as well as Reuters revealed that Iranian hackers were using the application programming interfaces (API) from the messenger app Telegram to discover the phone numbers of 15 million Iranian users.
Given the dark history of the Iranian regime in identifying and tracing dissidents in cyberspace, it is not hard to guess which of the three mentioned countries have a vested interest in looking for the identities of Twitter users.
We recommend Twitter users to disable the feature that enables other users to find them from their email and phone numbers.