Malicious SDK may have stolen personal data of Facebook, Twitter users

It seems like there has been yet another data leak. Both Facebook and Twitter have announced that the personal data of multiple users, who use their social media accounts to log into certain apps that were downloaded from the Google Play Store. 

In its official statement, Twitter noted that the vulnerability was not is Twitter’s software, but rather a lack of isolation between SDKs within an application. The micro-blogging site claims that the SDK maintained by oneAudience could be embedded within a mobile application, and could exploit a vulnerability in the mobile ecosystem. This could include access to personal information such as email, username, and last Tweet. Twitter also notes that while it could not find any evidence that the SDK was used to take over an account, it is possible to do so. However, it did find evidence that it was used to access personal data of some Twitter users on Android, but notes that there is no evidence that the iOS version of the SDK targeted people who use Twitter for iOS. Twitter also says that it informed both Google and Apple about the malicious SDK, so they those companies can also take the necessary action.

In a statement to CNBC, a Facebook spokesperson noted that there besides Oneaudience, Mobiburn was also developing malicious SDKs. Following its own investigation, Facebook claims that the apps have been removed from the platform and it has issued cease and desist letters against Oneaudience and Mobiburn. 

Both Facebook and Twitter plan to personally notify users affected by the issue. Twitter advises users to check which third-party apps users have authorised to their account and remove any that they do not recognise or no longer use. Facebook advises users to be more careful when selecting third-party apps to grant access to.



from Latest Technology News https://ift.tt/37AaYUR

Comments

Post a Comment

Popular posts from this blog

The Twitter board is reportedly not interested in Elon’s takeover offer

Image
Twitter’s board may have its work cut out for it. | Photo by Vjeran Pavic / The Verge Twitter’s board could be in for a fight with the company’s single largest shareholder. According to a report from The Information , it views Elon Musk’s offer to take over the company as unwelcome. This follows Musk’s offer to purchase the company for $43 billion earlier today. The company hasn’t publicly indicated how it’s planning on responding to Musk’s offer, but it’s reportedly planning to address it at an all-hands meeting at 5PM ET / 2PM PT today. Twitter’s board is also reportedly considering using a “poison pill” strategy to make it more difficult for Elon to acquire a large stake in the company and avoid a hostile takeover. Poison pills can, as one example , flood the market with shares once an investor acquires stock above a... Continue reading… from The Verge - All Posts https://ift.tt/9sVeQRp
Read more

Amazon is acquiring a podcast hosting and monetization platform

Image
Amazon Music Amazon Music is getting more serious about its podcast endeavors. Today, the company announced that it’s acquiring Art19, a major podcast hosting and monetization platform for an undisclosed sum. This means Amazon will now have a hand in hosting podcasters’ shows as well as selling ads against them because Art19 operates an ad marketplace that targets and inserts ads into programming. We’ve reached out to Amazon Music to learn more about what this acquisition might mean for podcasters who host on the service and will update if we hear back. This is a major step for Amazon as it looks to take on a bigger role in the podcasting world. Amazon Music only started offering podcasts in September last year , as did Audible in October . But in the... Continue reading… from The Verge - All Posts https://ift.tt/3xRMfb6
Read more