Android apps fraudulently access Facebook and Twitter user data


Facebook and Twitter have made an official announcement yesterday that few android apps were accessing the login info and other details of its users when the users used the same credentials into certain apps that were being downloaded via the Google Play Store.

According to a source from CNBC, the damage was being done by a Software Development Kit (SDK) used by OneAudience and Mobiburn apps which were found guilty of giving access to Facebook (FB) and Twitter users without their consent.

Security researchers working for the news site found that the apps accessed info such as email addresses, user names, most recent Facebook and Twitter posts and the followers and the people they were following.

It is being reported that hackers can take control of anyone’s account through this vulnerability repeating last month’s hacking saga of Twitter founder Jack Dorsey.

Lindsay McCallum the official spokeswoman for Twitter warned users to review the apps which were using the credentials of their respective social media accounts as there is a chance that these accounts could or could have already accessed sensitive info of the users.

Affected users of Twitter will be emailed about the vulnerability soon and the company is also intending to inform Google and Apple on this newly found vulnerability.

Some of the apps which were found guilty of stealing Facebook and Twitter credentials include names such as Giant Square and Photofy.

Meanwhile, Mark Zuckerberg led company FB has announced that we will be releasing a new research app named Viewpoints in Jan’19 which will be basically a survey app that will be rewarding users with points. The app is said to be available for Android users for now and will be focusing on how long users are using other apps and software on Google-owned Android operating systems.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display