Subscribe

Researchers Discover 3,207 Mobile Apps That Reveal Twitter API Keys

August 3, 2022

Researchers from cybersecurity firm CloudSEK have uncovered about 3,207 mobile apps that reveal Twitter API keys, which is dangerous because it could allow attackers to gain unauthorized access to accounts associated with those keys.

To gain access to the Twitter API, secret keys and access tokens must be generated. These keys act as usernames and passwords for the apps and also as the users on whose behalf the API requests are made.

One of the dangerous consequences of these keys in the hands of a threat actor is the fact that they can be used to create a bot army that could potentially be used to spread misinformation on the social media platform.

In a hypothetical scenario, the API keys and tokens extracted from the mobile apps can be embedded in a program to conduct large-scale malware campaigns through verified accounts to target their followers.

The key leak is not limited to Twitter APIs.

In order to mitigate attacks from exposed API keys, it is important to check the code for directly hard-coded API keys. It is also important that keys are rotated periodically, as this will help to reduce the probable risks from a leak.

The sources for this piece include an article in TheHackerNews.

Top Stories

Researcher Says “APT” Label No Longer Reflects the Threat Landscape

How do you select a graph database? – Part 1

OpenAI plans major hiring push as competition intensifies

Intel to raise CPU prices by 10% as AI demand strains supply

Microsoft scales back Copilot integrations across Windows apps

OpenAI flags reliance on Microsoft and compute as key risks ahead of potential IPO

Related Articles

Researcher Says “APT” Label No Longer Reflects the Threat Landscape

March 23, 2026 David Shipley, co-host of Cybersecurity today is covering RSAC for Tech Newsday and Cybersecurity Today.  SAN FRANCISCO more...

Cursor’s Composer 2 launch sparks scrutiny over undisclosed model foundation

March 23, 2026 Cursor’s launch of its Composer 2 coding model drew immediate scrutiny after a developer uncovered evidence that more...

OpenAI plans major hiring push as competition intensifies

March 23, 2026 OpenAI is preparing to nearly double its workforce from about 4,500 to 8,000 employees by the end more...

GrapheneOS rejects OS-level age checks

March 23, 2026 GrapheneOS says it will not comply with new laws requiring operating systems to collect user age data more...

Picture of TND Newsdesk

TND Newsdesk

Picture of TND Newsdesk

TND Newsdesk

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.