Twitter disables tweeting via SMS after CEO gets hacked


Twitter has “temporarily” turned off the ability to tweet via text message just days after the feature was misused by hackers to tweet a racial slur, bomb threat, and other crude messages from the account of Twitter CEO Jack Dorsey.

The ability to tweet via text was important to Twitter in the service’s early days, but it’s more of a legacy feature at this point since most people rely on the smartphone app. The feature still exists, though, allowing you to text a number, such as 40404, and have that message posted to your account.

That can lead to real issues when someone’s phone number is stolen, which is a technique that hackers increasingly use to compromise accounts because phone carriers often don’t take care to properly secure them. That’s what happened last Friday to Dorsey. Once hackers had access to his number, they were able to use text messages to post under his username, even without otherwise being logged in to his account.

We’re temporarily turning off the ability to Tweet via SMS, or text message, to protect people’s accounts.
We’re taking this step because of vulnerabilities that need to be addressed by mobile carriers and our reliance on having a linked phone number for two-factor authentication (we’re working on improving this).

224 people are talking about this

Twitter says it’s making the change “to protect people’s accounts.” It blamed mobile carriers, saying they need to address vulnerabilities that allow this kind of misuse. Twitter also said it needed to improve its two-factor authentication system, which relies on text messages as well and could be compromised in the same way.

                                                                     Advertisement
                                                  

No comments