Twitter says it patched a vulnerability months ago that might allow hackers to spoof users' accounts via text message.
A researcher blew the whistle on a possible hole in Twitter's security this week when he publicly posted about a way hackers could take control of a user's account via SMS text message. Twitter has since responded, saying any vulnerabilities were patched months ago.
The news that Twitter accounts could be spoofed by SMS spread quickly after self-described security consultant Jonathan Rudenberg wrote a blog post explaining the issue. It's easy to send a text message from a fraudulent originating number, he says, allowing anyone who knows your phone number to post to Twitter on your behalf -- and even modify account info -- as long as you have tweeting via text message set up. Although Twitter allows users to set up PIN, that feature isn't available in the U.S.