SMS Vulnerability in Twitter, Facebook and Venmo · Jonathan Rudenberg

Twitter users with SMS enabled are vulnerable to an attack that allows anyone to post to their account. The attacker only needs knowledge of the mobile number associated with a target’s Twitter account. Messages can then be sent to Twitter with the source number spoofed.Like email, the originating address of a SMS cannot be trusted. Many SMS gateways allow the originating address of a message to be set to an arbitrary identifier, including someone else’s number.Facebook and Venmo were also vulnerable to the same spoofing attack, but the issues were resolved after disclosing to their

What the influencers are saying

  1. BrianHonan

    195.0 days ago

    RT @mikko: Vulnerability allows others to Tweet as you by spoofing your phone: http://t.co/aHVTsYpP You can delete the number at https:/ ...

  2. Mikko Hypponen

    195.0 days ago

    Vulnerability allows others to Tweet as you by spoofing your phone: http://t.co/aHVTsYpP You can delete the number at https://t.co/Sj90SgXa

  3. dragosr

    195.0 days ago

    SMS Origin Spoofing Vulnerability in Twitter, Facebook, Venmo - now fixed. interesting. http://t.co/lX5KVffO

  4. news.yc Popular

    195.0 days ago

    SMS Vulnerability in Twitter, Facebook, and Venmo http://t.co/wBSC4wIC

  5. Kimberly

    195.0 days ago

    RT @securityshell: SMS Vulnerability in @Twitter, @facebook and Venmo http://t.co/5yufn6G4

  6. Team Cymru

    195.0 days ago

    Twitter users with SMS enabled are vulnerable to an attack http://t.co/4CAR2ZMu

  7. wintr

    195.0 days ago

    RT @mikko: Vulnerability allows others to Tweet as you by spoofing your phone: http://t.co/aHVTsYpP You can delete the number at https:/ ...

  8. Chris Wysopal

    195.0 days ago

    SMS Vulnerability in Twitter, Facebook and Venmo via SMS spoofing. Wow, payments via SMS? not cool. http://t.co/NQTicXZD

  9. Sam Bowne

    195.0 days ago

    SMS Vulnerability in Twitter, Facebook and Venmo http://t.co/jcT7NNT6

  10. grecs

    195.0 days ago

    RT @WebBreacher: SMS Vuln in Twitter, Facebook, Venmo allows others to post as you: http://t.co/vNneQb0Q //Nice.

  11. Chris Boyd

    195.0 days ago

    RT @MarioVilas: SMS Vulnerability in Twitter, Facebook and Venmo http://t.co/B69sppOQ

  12. Avram Marius (d3v1l)

    195.0 days ago

    SMS Vulnerability in @Twitter, @facebook and Venmo http://t.co/5yufn6G4



, join the conversation

Related Reading

News

Most Popular

Commentary

On the Web

More On the Web»

Video

Slideshow



InformationWeek encourages readers to engage in spirited, healthy debate, including taking us to task. However, InformationWeek moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. InformationWeek further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.