A cybersecurity company named CloudSEK has published a report on Twitter, the world’s most popular microblogging platform. The published report revealed 3200 apps that leaked Twitter API keys. Moreover, 230 of them included authentication information that could be used to hack users’ accounts. This means that Twitter can suffer massive cyberattacks at any time.
While API keys don’t seem to matter to everyday users, that’s not the case. Thanks to API keys, developers can add Twitter features to their applications. If Twitter API keys fall into the hands of hackers, users’ critical information such as messages and account information can be exploited.
Worried about forming a bot army
Leaking Twitter APIs can destroy the Twitter user experience. Because hackers can change user information thanks to these APIs. Information such as people followed by an account, followers, profile photos can be made into what hackers want. If that happens, huge bot armies could be built on Twitter. Hackers who change real accounts can make Twitter unusable if they want to set the agenda. Cybersecurity experts are also most concerned about the establishment of these bot armies.
CloudSEK’s report has not produced any results for now. There is not much Twitter can do about leaking these APIs. Because the error here is caused by the developers. The company named BleepingComputer, which reviewed the report, states that they are examining the applications, but Twitter API keys are still leakable.
1992
