Despite Twitter's claim of a fix, researchers at a Britain-based security company who earlier hijacked the accounts of numerous celebrities and journalists to expose a vulnerability have stated that the flaw still exists on the popular social media platform.
Insinia Security recently stated that it had successfully taken over the accounts of a number of celebrities, including Eamonn Holmes, Louis Theroux, Simon Calder and Saira Khan, to name a few.
To take control of the accounts, the company's researchers used fake SMS verification messages made to look as if they came from the account owners, The Telegraph reported.
A Twitter representative told reporters on Friday that it had “dealt with a bug that permitted specific accounts with a connected UK telephone number to be targeted by SMS spoofing.”
But the hackers who posted the unauthorized tweets to celebrity accounts appeared to repeat the experiment after Twitter made its claim, Gizmodo reported on Monday.
A basic technique enabled researchers at Insinia Security to send tweets and direct messages, retweet and like tweets, and follow and unfollow people, according to the company, which cautioned that the vulnerability could quickly be exploited by nation states, hackers and organised crime groups.
The vulnerability could be used to “spread out phony news and disinformation through prominent celebs and journalists”, Insinia warned in an article.
Insinia recommended that users remove their telephone number from their Twitter account until the bug is fixed.
“Twitter must completely remove this functionality (SMS confirmation) as users count on their phone contributed to represent two-factor authentication,” Insinia said.