Less than a week after Twitter CEO Jack Dorsey’s account on the micro-blogging platform was hacked by a notorious hacking group called ‘Chuckle Squad’, the company announced that it has temporarily turned off the tweet-via-SMS functionality that is believed to have been exploited by the miscreants to send a series of disturbing tweets from Dorsey’s account last Friday.
In a message on Wednesday, the company said that the step is necessary to ensure that telecom service providers address the vulnerabilities at their end to prevent the steady stream of hacks faced by celebrities and public personalities in the US over the past few weeks. The company also said that it working on a better way to ensure two-factor authentication (2FA) for enhanced security.
We’re temporarily turning off the ability to Tweet via SMS, or text message, to protect people’s accounts.
— Twitter Support (@TwitterSupport) September 4, 2019
In case you don’t know it already, Dorsey’s Twitter account was hacked last Friday after the phone number associated with his account was compromised “due to a security oversight by the mobile provider”. According to reports, the rogue tweets were sent via Cloudhopper, a service Twitter bought in 2010 to bolster its SMS service. The service works by posting to Twitter any text message sent to 404-04 from phone numbers linked to people’s Twitter accounts.
The so-called Chuckle Squad has been on a hacking spree of late, attacking the Twitter accounts of a number of celebrities and public personalities over the past month, including beauty vlogger James Charles, Shane Dawson, comedian King Back and most recently, actress Chloe Moretz. Rogue AT&T employees are thought to be behind most of the hacks, which is why Twitter is emphasizing that role of the mobile operators in the whole episode.