Android users are being urged to check their smartphone apps as a new threat is uncovered
This warning came from the Twitter security team who claimed they received a report about a malicious mobile that allows hackers to gain access to people’s personal data, adding that the threat isn’t from any of their software.
In the statement, the social network said: “Security researchers recently notified us about two bad actors, One Audience and Mobiburn, who were paying developers to use malicious software developer kits (SDKs) in a number of apps available in popular app stores. After investigating, we removed the apps from our platform for violating our platform policies and issued cease and desist letters against One Audience and Mobiburn.
“We plan to notify people whose information we believe was likely shared after they had granted these apps permission to access their profile information like name, email, and gender. We encourage people to be cautious when choosing which third-party apps are granted access to their social media accounts.”
Shedding more light on the issue, the social network said, the malicious SDK could be embedded within a mobile application and could expose personal information such as email, username, last Tweet to be accessed and taken using the malicious SDK.
The social network, therefore, advised users to delete any application which looks malicious. “If you think you may have downloaded a malicious application from a third-party app store, we recommend you delete it immediately,” Twitter said in a blog posted online.
Speaking on the issue,Twitter spokeswoman, Lindsay McCallum said users should review the apps they used in connecting to their accounts.
Although no accounts were put in the hands of cybercriminals, Twitter said the evidence discovered confirmed that the attack has access to some Android account.
Twitter also said they will contact those who have been targeted by the attack, adding that they have informed Google and Apple of the threat, so necessary actions could be taken.
Along with Twitter, it has also been reported that some Facebook users may have been targeted by the same attack.