Twitter moves quickly to block Periscope chat spoofers
A previously unpublicised chat vulnerability in Twitter's Periscope live video streaming app has been patched by the company this morning.
Twitter tweeted it this morning: “We just patched a chat vulnerability that allows a malicious user to post messages appearing as another user in live broadcasts.”
It was followed by a second tweet:
This patch stops fake chats from being visible during live broadcasts. They will still appear in Replays till iOS/Andr/Web updates hit— Periscope (@periscopeco) June 30, 2015
Periscope is a live video streaming app for iOS and Android. It was purchased for a reported $100 million (£60 million) just three months ago.
Since its acquisition, it has been beset by claims that it has been used for video piracy including airing live the fifth season of Game of Thrones and the Floyd Mayweather Jr/Manny Pacquiao pay-per-view boxing match.
It also suffered another security glitch in March, just a week after the app was launched. On 31 March, it revealed: “2/If Tweet option is ON, and then you switch to private broadcast mode, the app will accidentally tweet the title of your broadcast.
“3/Your video IS STILL PRIVATE. The link WILL NOT load video or audio. Only intended participants can view the broadcast in the app.
“4/In the meantime, A temporary solution is to disable the Twitter button before tapping the private lock icon. This will disable tweeting.
“5/We're very sorry and worked to fix this bug as soon as we discovered it. Should be live in the App Store soon (we will confirm when it is)”.
Twitter could not be reached for a comment at the time of publication.