Twitter for Android app had another bug that exposed users’ phone numbers. By exploiting the vulnerability, a researcher succeeded in matching 17 million phone numbers with Twitter accounts.
Reportedly, researcher Ibrahim Balic discovered a bug in the Twitter for Android app. As per his findings, the bug allowed matching users’ phone numbers without hassle.
Sharing the details with TechCrunch, the researcher revealed,
The bug existed with Twitter’s contacts upload feature that accepted entire lists of phone numbers. Though the feature didn’t allow lists in a sequential format, it did accept random ones.
Hence, to test the bug the researcher generated a random list of two billion phone numbers. He then uploaded them to Twitter via the Android app.