Today Twitter has announced that they have finally decided to temporarily disable a feature, called “Tweeting via SMS”. The feature has been around for some time and the decision to suspend the feature comes after it was abused by a hacking group to compromise Twitter CEO Jack Dorsey last week and sent a series of racist and offensive tweets to his followers.
Twitter says “We’re taking this step because of vulnerabilities that need to be addressed by mobile carriers and our reliance on having a linked phone number for two-factor authentication (we’re working on improving this).” SMS is by far one of the most comprisable methods as hackers often use social engineering to trick the telecom company to transfer target’s phone number to their own SIM card.
A group calling themselves the Chuckling Squad hackers used the ‘Tweeting via SMS‘ feature to post tweets under his username, even without actually logging in to his account. Up until todays decision to disable Tweeting via SMS if you added your mobile number to your Twitter account, you can tweet by sending a text message to a short or long code.
Sending a text message to any of these short or long code phone numbers will post your message as a Tweet to your Twitter profile (and it will be sent to all of your followers)