IN AN extremely stressful year for social media users who have been bugged several times this year, Twitter on Saturday admitted a malicious code was inserted into its app by a bad actor that could have compromised several Android users’ information worldwide, including in India. Some users in India woke up to an email from Twitter, warning them to update the app for Android and immediately change the password.
The vulnerability within Twitter for Android could allow the bad actor to see non-public account information or to control your account (send Tweets or Direct Messages), said an apologetic Twitter. “Prior to the fix, through a complicated process involving the insertion of malicious code into restricted storage areas of the Twitter app, it may have been possible for a bad actor to access information (Direct Messages, protected Tweets, location information) from the app,” Twitter said in a statement.
The company said it does not have direct evidence that malicious code was inserted into the app or that this vulnerability was exploited, but it can’t be completely sure. Twitter, however, did not divulge the number of affected users.