Twitter said Friday that it fixed a flaw in its app for Android devices that hackers could have exploited to hijack accounts.
In a blog post, the social networking service said it patched a bug that could have been leveraged by a bad actor to send tweets or direct messages on behalf of another user.
“We recently fixed a vulnerability within Twitter for Android that could allow a bad actor to see nonpublic account information or to control your account (i.e., send Tweets or Direct Messages),” said the blog post.
“Prior to the fix, through a complicated process involving the insertion of malicious code into restricted storage areas of the Twitter app, it may have been possible for a bad actor to access information (e.g., Direct Messages, protected Tweets, location information) from the app,” said the blog post.
Twitter said it had no evidence the vulnerability was exploited, but that it is “taking extra caution” and alerting individuals who could have been exposed to the bug.
Android users unsure of what to do should update their Twitter app to the latest available version, the blog post said.
Twitter said the bug did not affect the company’s app for Apple’s iOS mobile operating systems.
The most recent version of Twitter’s app for Android devices available in the Google Play store was released Tuesday.
Twitter’s app for Android devices has been installed more than 500 million times since becoming available on the operating system in 2010, according to the Play store’s statistics.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.