Despite claims of a fix by Twitter, researchers at a Britain-based security firm who earlier hijacked accounts of several celebrities and journalists to expose a vulnerability have said that the loophole still persists at the popular social media platform.
Insinia Security last week said it successfully hijacked the accounts of a number of celebrities, including Eamonn Holmes, Louis Theroux, Simon Calder and Saira Khan among others.
To take control of the accounts, the researchers at the company used fake SMS verification that made it appear as if they belonged to the account owners, The Telegraph reported.
A Twitter spokesperson told reporters on Friday that it had “resolved a bug that allowed certain accounts with a connected UK phone number to be targeted by SMS spoofing.”
But the hackers who posted the unauthorised tweets to celebrity accounts appeared to reproduce the experiment after Twitter made its claim, Gizmodo reported on Monday.
A simple method allowed researchers at Insinia Security to send tweets, direct messages, retweet and like tweets, follow and unfollow people, according to the company which warned that the vulnerability could be easily exploited by nation states, hackers and organised crime groups.
The vulnerability could be used to “spread fake news and disinformation via influential celebrities and journalists”, Insinia warned in a blog post.
Insinia recommended that users should remove their phone number from the Twitter account untill the bug is fixed.
But even as the Election Commission has made social media companies follow certain norms, such as pre-certification of political ads to prevent misuse of the platforms, such measures are unlikely to bring adequate transparency to the whole process
Despite all the efforts put in place by social media companies to show who is paying for the political advertisements on their platforms, the users may not know the actual amount spent to run political campaigns on these websites.
Facebook has a searchable database for political ads which anyone can access. This Ad Library report from the social media giant shows that Indians have spent over Rs 6.5 crore in over 30,000 ads related to politics since February 2019 — in the run up to the general elections.
Similarly, Twitter also has an Ad Transparency Centre which allows one to search which account has spent how much in the past seven days.
While these efforts are being regarded as important steps towards bringing transparency in the political process, they may not reflect the complete picture of how the social media space operates, according to experts.
“Influencers play a very important role in political campaigns and 90 per cent of the transactions related to these campaigns are done through cash,” social media expert Anoop Mishra told IANS.
Knowing which party is spending how much on social media is important because much of what trends on Twitter or what becomes popular on Facebook – with potential to impact voter behaviour – may actually be due to the money and manpower of political parties while creating an illusion of organic support from hundreds and thousands of users in these platforms.
“Every political party including the BJP (Bharatiya Janata Party), Congress, Samajwadi Party and BSP (Bahujan Samaj Party) are trying to push their agenda on social media. But those parties with greater money, manpower and tech expertise are likely to win the social media war,” Mishra said.
He added that political parties were employing a large number of people to make their propaganda material viral on social media.
“In terms of political ads, social media companies should allow only certified agencies to post ads. This would make the monitoring process much easier for everyone. Allowing any individual to post political ads complicates the monitoring process. This is a big loophole,” he said.
“Encrypted platforms like WhatsApp could be used extensively to spread advertisements and propaganda, which could be difficult to be tracked,” added Prasanth Sugathan, Legal Director, Software Freedom Law Centre (SFLC.in), a Delhi-based not-for-profit legal services body.
But even as the Election Commission has made social media companies follow certain norms, such as pre-certification of political ads to prevent misuse of the platforms, such measures are unlikely to bring adequate transparency to the whole process. (IANS)