Twitter turns off tweeting via SMS after hackers hijack CEO Jack Dorsey's account

Tweet-by-SMS feature might be reinstated at a later date, Twitter says

Twitter is disabling its tweet via SMS feature just days after CEO Jack Dorsey's account was compromised due to security flaws.

The feature was recently exploited by hackers to hijack the account of Twitter CEO Jack Dorsey, posting offensive messages under his username.

Disabling the feature means that users can no longer post a message on Twitter by sending an SMS - one of Twitter's earliest functions, and the reason why it for years it restricted Tweets to just 140 characters.

The company said it might reactivate the feature at a later date, depending on how quickly weaknesses in mobile carriers ' systems are addressed.

"We ' re temporarily turning off the ability to Tweet via SMS, or text message, to protect people ' s accounts," Twitter wrote.

"We ' re taking this step because of vulnerabilities that need to be addressed by mobile carriers and our reliance on having a linked phone number for two-factor authentication (we ' re working on improving this)," it added.

https://twitter.com/TwitterSupport/status/1169334339672231936?ref\\_src=twsrc%5Etfw

Unidentified hackers accessed Dorsey ' s mobile account last Friday and used that access to tweet a bomb threat, a racial slur and several other messages under his username. All those messages were posted without hackers having to log directly into Dorsey ' s account.

Another high-profile Twitter hack was also reported yesterday, this time involving actress Chloe Grace Moretz.

According to Twitter, hackers accessed Dorsey ' s and Moretz ' s accounts through a SIM swapping technique (also known as Port Out scam), whereby they were able to trick mobile phone carriers into giving them control of victim ' s phone numbers.

In both cases, hackers posted tweets via the MMS company, Cloudhopper, by using the text-to-tweet feature.

Until yesterday, Twitter ' s policies allowed users to add their mobile number to their Twitter account to send tweets as texts, rather than using a laptop, desktop or a smartphone to update the status on the social platform. Such a feature, of course, pre-dates the boom in popularity of smartphones.

Cloudhopper was acquired by Twitter in 2010 and facilitated tweeting via SMS text messages.

The feature was important to Twitter in its early days, but it is more of a legacy feature today, because most people now use their smartphone and an app or PC/laptop to tweet from their accounts.

However, the hijack of Dorsey's account has stung Twitter into quick action in order to prevent further incidents of accounts being hacked via this method.

However, the hacks happening in recent days are not the only instances, where hackers were able to hijack accounts on Twitter to post offensive messages.

In March 2017, accounts belonging to Amnesty International, UNICEF USA and security blogger Graham Cluley, among others, were compromised by hackers in order to post abusive messages.

Earlier in 2015, Russian government-backed hackers used Twitter to breach networks of US government and defence industry computer systems and distributed malware to their targets.