Twitter disables SMS-to-tweet feature after its CEO got hacked last week

Twitter disables one of the site's earliest features in response to CEO getting hacked last week.
Written by Catalin Cimpanu, Contributor

LONDON, ENGLAND - SEPTEMBER 13: Logos for the microblogging site Twitter, displayed on the internet on September 13, 2013 in London, England. Twitter has announced plans to float on the stockmarket. (Photo by Mary Turner/Getty Images)

Mary Turner, Getty Images

Twitter is disabling the ability to send tweets via SMS messages after an incident last week when the company's CEO Twitter account got hacked via this feature.

The social network said the move is only temporary, but did not provide a timeline for the feature's reactivation.

Twitter blamed the whole issue on mobile networks and "vulnerabilities that need to be addressed by mobile carriers."

According to a statement Twitter published last week, hackers took control of Jack Dorsey's phone number and used the SMS-to-tweet feature to publish offensive tweets on the CEO's official account last Friday, August 30.

The technique hackers used to gain control of Dorsey's phone number is named SIM swapping, a technique that has become wildly popular with hackers in the US over the past two years [1, 2, 3].

SIM swapping is a simple social engineering trick during which hackers convince, trick, or bribe employees at mobile operators to transfer a victim's phone number to a SIM card under the attacker's control.

Usually, hackers who employe SIM swapping also use the temporary control they have over a victim's phone number to reset passwords for online accounts.

Twitter said that this didn't happen in Dorsey's case and that the hackers only used the SMS-to-tweet feature to publish tweets on the Twitter CEO's profile. Twitter staff secured Dorsey's account within 30 minutes by removing the phone number attached to the CEO's account.

The SMS-to-tweet feature is one of Twitter's oldest components and one which many have said helped the site gain its early popularty.

A lesser known fact is that the initial tweet limit of 140 characters was put in place so tweets could fit inside the SMS messages that powered the SMS-to-tweet feature.

2019's tech, security, and authentication trends

Editorial standards