FYI.

This story is over 5 years old.

News

China and Saudi Arabia suspected of hacking Twitter

“While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors.”
twitter
Getty Images

China and Saudi Arabia were likely responsible for hacking campaigns that targeted Twitter last month, the tech giant said Monday.

The announcement sent the company’s stock price plummeting almost 7 percent, and comes amid an ongoing security crisis for the platform.

“We observed a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia,” Twitter said in a statement. “While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors.”

Advertisement

The attacks attempted to exploit a flaw in one of the platform’s support forms, allowing attackers to expose the international dialing code related to a particular account, and whether or not the account was locked.

The vulnerability was first noticed on Nov. 15 and fixed 24 hours later. Twitter says this issue did not expose full phone numbers or any other personal data, and all those impacted have been notified.

READ: Half a billion Marriott guests may have had their data stolen

While the amount of data at risk was not huge, for dissidents trying to hide their location from within repressive regimes, the hack could have revealed location information.

What have China and Saudi Arabia said?

Twitter says it has informed authorities in China and Saudi Arabia about the issue.

Chinese Foreign Ministry spokeswoman Hua Chunying said Tuesday that Beijing’s position on internet security and attacks was consistent, adding that she hopes all sides can deal with this issue via talks and cooperation on the basis of mutual respect.

Saudi Arabia has yet to respond.

Do we know for certain that the attacks came from China and Saudi Arabia?

Attribution in cyberspace is notoriously difficult, so it’s impossible to say for certain that the attacks originated in these countries or that they were government-backed.

It is relatively easy to spoof the origin of online traffic, meaning another individual or group could have used Chinese or Saudi IP addresses to mask their true identity. It is unclear if Twitter has other evidence beyond IP addresses to back up its claim.

Advertisement

But this is not the only security problem at Twitter?

Security company Trend Micro revealed last week a new type of malware that is spread via code embedded in memes shared on Twitter.

According to company researchers, a user posted two tweets featuring malicious memes on October 25 and 26 via a Twitter account created in 2017. While the malware is not the most destructive — it takes screenshots of an infected computer and sends them back to the malware’s command and control server — the trend will be a worry for Twitter and its users.

Researchers said the embedded code — a method known as steganography — could be altered to allow criminals to steal files from an infected PC or a number of other actions.

While the malware is not spread directly via Twitter, the platform is being used to direct infected PCs. It is not yet known who is behind the effort or what their goal is.

Is that it?

No. The Senate Intelligence Committee published two reports from independent researchers Monday looking at how Russia weaponized social media to impact the 2016 election.

While much of the reports’ content was already known, they did reveal the full scope of Moscow's disinformation efforts. The reports also highlighting the unwillingness of tech platforms to help examine Russia’s campaign. Twitter was accused of providing the “bare minimum” amount of information to investigators, and did so in a manner that was not easy to analyze. “There are likely more Russian accounts that the social media companies failed to identify,” one report warned.

Cover image: Twitter logo is seen on an android mobile phone. (Omar Marques/SOPA Images/LightRocket via Getty Images)