Twitter has notified users about a vulnerability discovered in its Android app that made it possible for accounts to be compromised. The company has since addressed the problem and is encouraging users to update their apps to the latest version. When exploited, the vulnerability could allow attackers to access private information like protected tweets, and even send tweets or DMs.
Just update your app — Twitter hasn’t found evidence anyone ever took advantage of the exploit, saying that doing so involved, “inserting malicious code into restricted storage areas of the Twitter app.” But, the company is urging users to err on the side of caution.
Twitter for Android versions 7.93.4 (for KitKat) and 8.18 (for Lollipop and newer) both include a fix. If a user has enabled auto-install of updates they probably already have it.
The social network occasionally deals with hijacked accounts, but oftentimes it involves SIM swapping, a method that’s also complicated and as such is typically used to target high-profile individuals. Hackers recently took over CEO Jack Dorsey’s account using this method.