Both Twitter and Facebook, confirmed that there is a possibility personal ones information millions of users have leaked malicious agents, from applications third parties. This information includes names, gender, emails, usernames and possibly the most recent tweets.
Such as he said Twitter on Monday: “We recently received a report about a malicious software development kit (SDK) maintained by oneAudience. The SDK was hidden in applications on Google Play Store and may "exploit a vulnerability in the device" to expose users' personal data to third-party developers.
Many applications often require users' social media access to provide them with features such as in-game rankings and the ability to share achievements. However the applications that contain this exploit kit give it hacker access to more information than has been agreed by users.
"While we have no evidence that it was used to take control of a Twitter account, it is likely that someone could do it," Twitter said.
Fortunately, there is nothing to indicate that iOS users were affected. However users Android they were not as lucky as many of their accounts were affected.
Twitter has updated Google and Google Apple and will also inform users who may have been affected. Unfortunately there is not much a user can do except delete applications he does not use and hope he is not affected.
Facebook users were also affected by the oneAudience SDK, as well as by a similar SDK from MobiBurn.
The company will also notify potentially affected users, amounting to 9,5 millions. In a statement to CNBC, Facebook claimed to have removed the dangerous applications.
In response, onAudience released a statement Monday, saying it would immediately halt its SDK, though it noted that an update had already been released to prevent data collection. "These data were never intended for collection, were never added to our database and were never used," the company said.
MobiBurn, on the other hand, stated that it never collected information and acted simply as an intermediary between applications. However, it intends to stop its work until the investigation into the case is complete.
This is yet another reminder that we should always be careful about the applications we download and not choose those that do not come from trusted developers.
Source: secnews.gr
