Twitter bug matched phone numbers to accounts in Armenia, Iran, France

Twitter bug matched phone numbers to accounts in Armenia, Iran, France
December 25, 2019 - 10:36 AMT

PanARMENIAN.Net - A security researcher said he has matched 17 million phone numbers to Twitter user accounts by exploiting a flaw in Twitter’s Android app.

Over a two-month period, Ibrahim Balic matched records from users in Israel, Turkey, Iran, Greece, Armenia, France and Germany, he said, but stopped after Twitter blocked the effort on December 20.

Balic found that it was possible to upload entire lists of generated phone numbers through Twitter’s contacts upload feature. “If you upload your phone number, it fetches user data in return,” he said, according to TechCrunch.

He said Twitter’s contact upload feature doesn’t accept lists of phone numbers in sequential format — likely as a way to prevent this kind of matching. Instead, he generated more than two billion phone numbers, one after the other, then randomized the numbers, and uploaded them to Twitter through the Android app. (Balic said the bug did not exist in the web-based upload feature.)

While he did not alert Twitter to the vulnerability, he took many of the phone numbers of high-profile Twitter users — including politicians and officials — to a WhatsApp group in an effort to warn users directly.

A Twitter spokesperson said the company was working to “ensure this bug cannot be exploited again.”

Related links:
TechCrunch. Twitter bug matched phone numbers to accounts in Armenia, Iran, Germany
 Top stories
Yerevan to host WCIT 2024Yerevan to host WCIT 2024
Yerevan will host the 2024 edition of the World Congress On Information Technology (WCIT).
Armenia moves to tax profits from Facebook, GoogleArmenia moves to tax profits from Facebook, Google
Rustam Badasyan said due to the lack of such regulation, the state budget is deprived of VAT revenues.
Krisp raises $5m A round for its voice-isolating algorithmKrisp raises $5m A round for its voice-isolating algorithm
Krisp’s smart noise suppression tech silences ambient sounds and isolates your voice for calls.
Board Chairman։ Top officials have demanded Ucom alienationBoard Chairman։ Top officials have demanded Ucom alienation
Gurgen Khachatryan claimed that the "illegalities have been taking place in 2020."
Partner news
 Articles
Revolut launches in Armenia

Fast and free money transfers, no hidden fees

 Most popular in the section
Ralph Yirikian to take over Ucom as CEO; Ara Khachatryan stepping down
Viva-MTS +Premium offers additional 30 GB, Yandex Plus subscription
Global Banking & Finance Review names Ucom as Armenia’s best telecom company
300 partners to arrive in Yerevan for Harmony Meetup 3.0 by Fastex
Home
All news
Overview: IT & Technology
Archive for December 25, 2019
Other news in this section
 Latest news
Erdogan wants “realistic road map” for relations with Armenia Turkish President Recep Tayyip Erdogan has called for a “new realistic road map” for relations with Armenia.
Armenia-Azerbaijan: Experts launch work on determining coordinates Expert groups from the countries started the process of determining the coordinates based on geodetic measurements.
Yerevan says did not expect CSTO in peacekeeping role Pashinyan has declared that the CSTO would be expected to come to the Armenia-Azerbaijan border as an ally of Armenia
Henrikh Mkhitaryan wins Serie A title with Inter Inter Milan midfielder Henrikh Mkhitaryan admits that the team have long been imagining clinching Serie A against AC Milan.
---