In the world of today's social media, anything that is said can be used against you, at any time. As it turns out, Twitter announced that it would turn off its Tweet via SMS feature for an unspecified period of time after hackers abused and posted from two high-profile accounts, one belonging to Twitter CEO and co-founder, Jack Dorsey.
By potentially exploiting a vulnerability within Twitter's tweet via SMS feature, hackers were able to hijack Dorsey's Twitter feed and post racial slurs along with a fake bomb threat aimed at the headquarters of Twitter. The tweets, as you could imagine, stirred up some serious commotion and concern. Upwards of 4.2 million of his Dorsey's followers on Twitter witnessed the unusual tweets from his account, which were later suspected to be strange as Dorsey rarely posts multiple updates within a short period of time.
It was later pointed out that the hacker group dubbed Chuckling Squad was responsible for the incident. Moreover, the same hacker group has been known to hijack the Twitter accounts of several celebrities and well-known social media personalities in an effort to gain notoriety.
A day after the hack took place, Twitter announced that the incident occurred due to a security oversight from the mobile carrier. Essentially, the mobile carrier handling the SMS message for the tweet via SMS feature allowed an unauthorized party to tweet via the service where the attackers spoofed the phone number of the twitter user.
When the attack took place, Twitter promptly disabled the tweet via SMS feature until they could resolve the issue, which no time frame was given for restoring the service. Twitter published a tweet from their support account stating, We're taking this step because of vulnerabilities that need to be addressed by mobile carriers and our reliance on having a linked phone number for two-factor authentication (we're working on improving this). From the looks of the tweet and its updates, Twitter has turned the feature back on but only for a "few locations that depend on SMS to Tweet."
We're taking this step because of vulnerabilities that need to be addressed by mobile carriers and our reliance on having a linked phone number for two-factor authentication (we're working on improving this).
— Twitter Support (@TwitterSupport) September 4, 2019
Unfortunately, such cases of social media networks getting hacked are not new, and we will not see the last of them. In the past, we've witnessed many cases of large social media networks having to take precautions due to a hacking incident. However, this is one of the rare occasions that a founder or CEO of a company has had their account hacked, which shares some irony in itself.
Rest assured, if there is ever a vulnerability within a social media network that hackers see to leverage, they will do it without hesitation, especially hacker groups who are attempting to gain some temporary fame.