Malicious developer software gave app providers access to personal information from Facebook and Twitter users.
On Monday, Twitter dropped in a blog post : Through a so-called software development kit (SDK), which contained malware and was managed by various providers, providers of apps in the Google Playstore had access to various personal data from Facebook and Twitter. users.
The link made it possible
In many apps you have the option of logging in with your Facebook or Twitter account instead of a new login or linking the app to your accounts. The malicious SDK essentially implemented a vulnerability in the apps that used the SDK from MobiBurn and oneAudience, through which users' names, genders, email addresses, usernames and possibly their most recent tweets and posts could be read.
Twitter emphasized that there was no evidence that the Twitter account could be accessed directly via the vulnerability, but that this would have been technically possible. They informed Google and Apple about the vulnerability in the apps, but iOS users do not appear to be affected by the problem.
[mk_ad]
9.5 million Facebook users affected
According to “ Engadget ,” a spokesperson for the company said that it has now blocked access to Facebook for all affected apps and is also sending cease-and-desist letters to the SDK providers MobiBurn and oneAudience.
All 9.5 million Facebook users whose data may have been or are at risk as a result will also be informed by Facebook.
The SDK providers appease
The SDK provider MobiBurn explains in a statement on the website that no data was collected, shared or sold by Facebook. They themselves serve as intermediaries in the data business and work with a collection of SDKs, which in turn have been developed by other third parties for monetization.
However, MobiBurn will investigate the matter more closely and will stop all activities until it is clarified.
oneAudience also that no personal information was collected in its databases. A new SDK was passed on to the development partners on November 13th, with a request to update it as soon as possible.
oneAudience has also stopped all activities with immediate effect.
[mk_ad]
Conclusion
Neither Facebook nor Twitter are to blame for the data leak, but rather SDK providers who passed on malicious apps to their customers, which resulted in the software vulnerability being implemented in a large number of apps. Both platforms have now blocked the apps' access to the corresponding accounts, and the SDK providers themselves are no longer active.
Also interesting:
If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:
📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.
Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!
* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )

