If endlessly scrolling through Twitter on your phone is part of your daily ritual, you’re going to want to update the app as soon as you can if you’re an Android user. This week, Twitter confirmed a vulnerability in its Android app that could let hackers see your “nonpublic account information” and commandeer your account to send tweets and direct messages.
According to a Twitter Privacy Center blog post published Friday, the (recently patched) security issue could allow hackers to gain control of an account and access data like location information and protected tweets “through a complicated process involving the insertion of malicious code into restricted storage areas of the Twitter app,” potentially putting the app’s millions of users at risk. A tweet from Twitter support later elaborated that the issue was fixed in version 7.93.4 of the Android app (released in November for KitKat) as well as version 8.18 (released in October for Lollipop and newer).
So if you use Twitter’s Android app, you need to update to the latest version. Like, now. It’s ok, I’ll wait . . .
(Twitter’s iOS app apparently wasn’t affected in all this, so iOS users, feel free to keep scrolling to your little heart’s content.)
The blog post went on to say that there’s currently no evidence to suggest any bad actors have exploited this bug, but “we can’t be completely sure,” so Twitter is taking a proactive approach. It’s currently emailing the users most at risk of exploitation and providing instructions on how to update the app.
While this doesn’t appear to be the same vulnerability a hacker exploited to co-opt Twitter CEO Jack Dorsey’s account back in August, you can gauge by that blunder just how embarrassing these security issues can be. Just throw this baggage on top of the other recent privacy scandals Twitter and Android have waded into ahead of the new decade.