Twitter blocks text-to-tweet function after 2nd major hack in a week
Following another hack of a high-profile account, Twitter has temporarily turned off a feature letting users tweet directly from text messages, arguing mobile carriers need to “address vulnerabilities” before bringing it back.
The company announced the suspension in a string of tweets on Wednesday afternoon, after the account of actress Chloe Grace Moretz was hacked and posted a spate of vulgar messages that have since been deleted.
“We’re temporarily turning off the ability to Tweet via SMS, or text message, to protect people’s accounts,” the company said, explaining there were “vulnerabilities that need to be addressed by mobile carriers.”
The social media platform added that it would work to prioritize reintroducing the feature in regions “that depend on SMS for reliable communication.”
Back when Twitter got started we tweeted via SMS. Then they built a web app and a mobile app and tweeting via SMS stopped being a thing. But you can still do it by texting to 40404. If you have your SIM swapped, anyone can Tweet as you. https://t.co/dGnDpslmfi
— Fred Wilson (@fredwilson) August 31, 2019
Twitter’s own CEO Jack Dorsey was hacked last week, resulting in a series of racially-charged, expletive-laden tweets, including praise for Nazi Germany. That hack appears to be linked to Cloudhopper, a service that allows users to post tweets via text message, which Twitter acquired in 2010.
1) Thread.As @jimfenton said, this smells like @jack got his account hijacked through easy sms spoofing, not physical simswap. Either that, OR Twitter might have discovered how sms spoofing could actually be used & its real potential (which is BAD.) https://t.co/9DrtECXAsn
— Per Thorsheim (@thorsheim) September 4, 2019
A text-to-tweet feature also seems to be the exploit used to take over the account of London’s Metropolitan Police last month. All of the intrusions appear to be the work of a group known as “Chuckling Squad” on the chat platform Discord. The group’s name and hashtags have been mentioned in every instance, while the hackers were in control of the compromised accounts.
Common to all the breaches was the tweet-by-text feature, which Twitter suggests still contains several security loopholes.
Also on rt.com Twitter CEO Jack Dorsey’s account ‘compromised,’ posted racial slursLike this story? Share it with a friend!