There was a huge bug in Twitter’s ad service network and the vulnerability could allow anyone to tweet from anyone’s handle with ease, until a security researcher found the flaw in Twitter’s Ad Studio.
Motherboard reported that Kedrisec, a security researcher found the flaw in February and reported it to Twitter by February 25 after spending several days looking for bugs. He found the flaw in the ad service, which allows advertisers to upload media. By exploiting the bug in this network, he was able to post tweets as any other user. He claims that the bug was ‘not quite difficult’ to exploit.
Twitter did their research on the topic and quickly blocked the hole. "By sharing media with a victim user and then modifying the post request with the victim's account ID the media in question would be posted from the victim's account," Twitter wrote in its summary of the bug.
‘In plain English, this means that the attacker simply needed to fiddle with the code that gets sent to Twitter when posting something to trick the social network into posting the tweet as somebody else—all without having to hack anyone's account,’ explains Motherboard.
The researcher was awarded a bounty of $7,560 and Twitter fixed the ad service bug within three days of reporting it.
