Tuesday, September 21, 2010

Warning! Twitter has been hacked!

I was on Twitter for a brief time just now, and I noticed some strange-looking blacked-out links in my timeline. Soon after, I noticed a few warnings were posted by some of my followers about a Twitter bug. It seemed to be spreading rapidly, even during the short time I was on. I checked the Twitter blog for their latest status report and there was no mention of the bug, so I signed out and looked for reports about the 'bug' in the news.

I found this report from Metro.co.uk:

Twitter 'hacked' by big letters of doom
The Twitter website has been invaded by a spate of gigantic letters and black boxes, thanks to a newly discovered 'onMouseOver' exploit that allowed tweets to repost themselves repeatedly or redirect users to other websites.

My advice - stay away from Twitter until this 'bug' is fixed!

UPDATE: Twitter: The Bug Is Fixed
XSS attack identified and patched. 
We've identified and are patching a XSS attack; as always, please message @safety if you have info regarding such an exploit.
We expect the patch to be fully rolled out shortly and will update again when it is.

Update (6:50 PDT, 13:50 UTC): The exploit is fully patched.
