Twitter vulnerability allows false links to be displayed.
Attackers can exploit the vulnerability not only to spread misinformation, but also for malicious activity.
Twitter vulnerability allows attackers to create tweets with content from well-known sites, but in fact they lead to other resources, including phishing or malicious ones.
The problem was discovered by researcher Terence Eden, drawing attention to the advertising tweet of a little-known account. The tweet contained an article by a well-known media, but, when clicking on the link, it was redirected to a completely different web site.
When publishing a link, the social network checks for the presence of special meta tags in the HTML code of the specified web page. With the availability of Twitter tag data, based on this information, creates a Twitter Cards multimedia block containing text, images or video. Attackers can manipulate this mechanism to create Twitter Cards based on the metadata of another site.
According to Eden, the problem occurs when the page specified in the tweet is looking for Twitterbot user agent. When a user agent is detected, the bot is redirected to another page, otherwise normal content will be displayed. When redirecting you to create a Twitter Card, the Twitter Card Generator tool will use the metadata of the page to which it was redirected.
Attackers can use this vulnerability not only to spread misinformation, but also for more dangerous activities, such as phishing and malicious campaigns. Detecting forged Twitter Cards is difficult because tweets do not display links, and when you hover the mouse pointer over a URL, only its abbreviated version of the link is displayed in the browser.
Currently, the vulnerability is still uncorrected.