IBM researcher Uses SSL Flaw to Demonstrate How An Attacker Can Steal Twitter Logins

Twitter SSL Flaw Hacking
If well all knew the culprit of every hacking incident on Twitter then computer users would never have to worry about the dangers of using social networks ever again. Too bad we do not live in that perfect world and the reality we face is that Twitter is one of the many social networks that continues to be a huge target for hackers.

A flaw within SSL (Secure Sockets Layer) protocol could be used to trick Twitter users into sending messages that contains their login password. This discovery was made last week by an IBM researcher. This process can only be successfully accomplished through a hacker gaining access onto the unsuspecting user's network to initiate what is called a 'man-in-the-middle attack'. Basically, this process will probably not affect a large number of Twitter users.

With the recent discovery of an SSL flaw in Twitter, security questions come to mind such as how many other websites, or social networks for that matter, suffer from this same flaw? Fortunately for Twitter, they were able to patch the flaw but it remains to be a potential issue for other possibly affected sites.

Security experts are greatly concerned that this SSL flaw may affect webmail applications or even databases. Just think of the repercussions if a hacker was able to obtain the login information of banking accounts belonging to wealthy individuals or companies.

An SSL flaw is a serious bug that needs to be patched once discovered. This type of flaw, such as in Twitter's case, can allow client renegotiation which gives the web site the ability to ask its users for an SSL certificate when a user is connected to the site. This means if a user has restricted access then it could be opened up to other 'non-authorized' users.

Sites that have discovered an SSL flaw have the ability to simply disable it altogether until a solution is rendered which will keep hackers from accessing private information. Bottom line, an SSL flaw is a serious matter regardless if you are Twitter or a site that harbors credit card information.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.