Twitter has recently addressed a security vulnerability in the Android version of its app that could have been exploited by hackers to access users' sensitive information (direct messages, protected tweets and location data) or take over their accounts.
The company is notifying affected users through email and its app. It also recommends that users who are unable to update the application use the browser-based version of its social platform.
The company did not disclose technical details about the vulnerability; it said only that exploiting the issue was very complex.
“We recently fixed a vulnerability within Twitter for Android that could allow a bad actor to see nonpublic account information or to control your account (i.e., send Tweets or Direct Messages).” reads the advisory published by Twitter. “Prior to the fix, through a complicated process involving the insertion of malicious code into restricted storage areas of the Twitter app, it may have been possible for a bad actor to access information (e.g., Direct Messages, protected Tweets, location information) from the app.”
Twitter declared that it is not aware of attacks in the wild that exploited the vulnerability.