background preloader

Twitter Hack

Facebook Twitter

Sarah Brown: don't touch the earlier tw... Safety: We've identified and are p... Pete Cashmore: Twitter Mouseover Security... Twitter Mouseover Security Flaw Affecting Thousands of Users [WARNING] TweetDeck: There appears to be a expl... Run! The Great Twitter Mouseover Hack Is Eating Your Cheese! And Human Babies! Hubert Michaux: OMG ! my twitter looks lik... XSS attack identified and patched. Warning: Mouseover tweets security flaw is wreaking havoc on Twitter [Updated] BREAKING: Post javascript into your status update on Twitter and you can make something appear in the pop-up as a user mouses over your tweet.

This is clearly now causing havoc across the Twittersphere as users either do funny, rick-rollling type stuff, or scammers catch on to the exploit. It looks like many users are currently using the flaw for a joke but cybercrims could redirect users to third-party websites containing malicious code, or for spam advertising pop-ups. [Update: it appears the exploit could also fill and submit a status update form 'on your behalf' leading to it spreading to over 40,000 tweets within 10 minutes. Here are our top 5 ways to avoid and fix the onmouseover Twitter bug] This is only affecting the actual Twitter web site (which has the highest number of Twitter users), not third party apps like Tweetdeck, Seesmic, etc. As Security experts Sophos put it: This is a developing story, stay tuned for updates. Twitter flaw pumps out spam links. 21 September 2010Last updated at 15:03 By Jonathan Fildes Technology reporter, BBC News Sarah Brown, wife of former PM Gordon Brown, was one of those affected Twitter has patched a flaw in its website that was being exploited to pump out pop-up messages and links to porn sites.

Initially, users only had to move their mouse over a message containing a link - not click it - to open it in the browser. The code was spread by worms, self-replicating, malicious pieces of code. Thousands of users were caught out by the flaw, including Sarah Brown, the wife of the UK's former Prime Minister. "This issue is now resolved. "Users may still see strange retweets in their timelines caused by the exploit.

The firm said there was no need for users to change their passwords "because user account information was not compromised". People using the mobile web site or third-party Twitter software - such as Tweetdeck - were unaffected by the bug. 'No regrets' Twitter Security Flaw Causes Pop-Ups, Redirects for Thousands.