Twitter opted to temporarily disable the feature that allows users to post tweets via SMS, in response to the hack of the CEO’s account.
Twitter announced to temporarily disable the feature that allows users to post tweets via SMS, in response to the hack of the CEO’s account.
“We’re taking this step because of vulnerabilities that need to be addressed by mobile carriers and our reliance on having a linked phone number for two-factor authentication (we’re working on improving this),” reads a message posted by Twitter.
“We’ll reactivate this in markets that depend on SMS for reliable communication soon while we work on our longer-term strategy for this feature.”
Last week the Twitter account of Jack Dorsey, CEO at Twitter and co-founder, and published and retweeted offensive and racist tweets.
The company quickly removed any tweet and retweet made by the attackers. Just after the account was hacked, Twitter’s CEO name ‘Jack‘ started trending on Twitter.
“Yes, Jack’s account was compromised,” said Brandon Borrman, Vice President Global Communications atTwitter. “We’re working on it and investigating what happened.” said a Twitter spokesperson.
A group referring to itself as the Chuckling Squad took credit for the hack of the profile that has more than four million followers.
One tweet sent from the Jack Dorsey’s account also made a bomb threat, the hacker claiming they have placed a bomb at Twitter’s headquarters.
The hackers carried out a SIM swapping attack to take over Dorsey’s account. They used social engineering technique to trick an AT&T employee into transferring Dorsey’s phone number to a SIM card under their control. After the took over Dorsey’s number, they used the Cloudhopper service, owned by Twitter, to post tweets by sending SMS from the CEO’s account.
CloudHopper allows users to send out tweets using SMS messages from a phone number associated with their account.
Media reported that other high-profile people have also been targeted by Chuckling Squad using SIM swapping.
The post Twitter temporarily disables feature to tweet via SMS after CEO hack appeared first on Security Affairs.