Twitter bug may have been exploited by state-sponsored hackers

Twitter admitted to a bug in one of its support form APIs that allowed cyber thugs to discover the country code of the phone number tied to a Twitter account and whether the account had been locked. It’s possible, Twitter said, that this might be tied to state-sponsored attacks.

During our investigation, we noticed some unusual activity involving the affected customer support form API. Specifically, we observed a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia. While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors.

Twitter detected the attack on Nov. 15 and resolved the issue a day later on Nov. 16.

Other cybersecurity news:

Hackers hid code in memes posted on Twitter to communicate with malware

Speaking of Twitter, Trend Micro researchers discovered that cyber thugs hid code in memes posted to Twitter to communicate with malware. Malware-infected PCs took instructions from an embedded command in the meme. For example, the “print” command was hidden inside the memes, which enabled “the malware to take screenshots of the infected machines. The screenshots are sent to a C&C server whose address is obtained through a hard-coded URL on pastebin.com.” The malware had support for retrieving a list of running processes, capturing clipboard content, and retrieving usernames and filenames from infected machines.

While the malware was not downloaded from Twitter, Trend Micro said the threat is notable due to the malware’s commands coming from benign-looking, yet malicious, memes posted on a legitimate service — which also happens to be a popular social networking platform. It couldn’t be taken down until the malicious Twitter account was disabled. Twitter disabled the account on Dec. 13.  

Pay $4,000 in Bitcoin, or a hitman is coming for you

As if the fake bomb threat extortion emails, which morphed into a “pay up or acid will be thrown on you” extortion scheme, weren’t bad enough, now there’s a hitman extortion email going around that demands victims pay $4,000 in Bitcoin to call off a hitman coming for them.

PewDiePie printer hackers strike again

PewDiePie printer hackers are at it again, causing printers to spew out a plea to subscribe to PewDiePie’s YouTube channel, as well as warning victims to up their printer security before it leads to physical damage or attackers capture sensitive documents as they are printed. The latest printer hack message, according to the hackers behind it, has been printed on more than 100,000 printers.

While some people think the hack is “cool,” security researcher Ankit Anubhav pointed out:

WordPress flaw could allow attackers to access admin features

Another day, another WordPress flaw. RIPS Tech revealed a logic flaw in the way WordPress created blog posts that could allow attackers to access features only administrators were supposed to have. The summary states:



