Twitter, Facebook And Venmo Fixed SMS Vulnerability Discovered By Researcher

If you have a knack of making use of your social media accounts on your mobile and updating Facebook statuses or sending out tweets through SMS, a hacker may potentially start posting in place of you. This is a result of a particular vulnerability that has recently been discovered by a security researcher, named Jonathan Rudenberg.

SMS icon

According to Rudenberg, the vulnerability can be found in Facebook, Twitter and Venmo. The problem essentially lies with the inherent issues regarding the authenticity of an SMS. SMS authenticity has frequently led, in the past, to many spoofs perpetuated by hackers. And this case is no different.

Rudenberg found out that once a hacker knows the number associated with a given Twitter or Facebook account, he can spoof that number and pose as the actual user of that number to interact on the linked social media accounts. The hacker can essentially send all supported commands to Facebook or Twitter via SMS making use of this method. A similar hacking technique was discovered by another security enthusiast, named Suriya Prakash, in October.

Rudenberg brought the vulnerability into the notice of the said three companies. Of these, Facebook has been able to fix it and so has Venmo. However, the major concerns were cited towards the micro-blogging network, Twitter. When it was informed of the security lapse, it chose not to respond immediately.

However, once the vulnerability was made public which happens to be quite recent, Twitter has been quick to respond. For such users who make use of the short codes to interact with Twitter via SMS, the vulnerability has been fixed and they no longer have to worry about it.

Source: Titanous
Image Credit: Eric Schlange

[ttjad keyword=”microsoft”]


Salman Latif is a software engineer with a specific interest in social media, big data and real-world solutions using the two.Other than that, he is a bit of a gypsy. He also writes in his own blog. You can find him on Google+ and Twitter .

Leave a Reply