September 21, 2010: Twitter Hacked with 'mouse over' Virus, Patched?

by the Left Coast Rebel

I don't use my Twitter account much (I should). RightKlik and MAinfo love the site and I know it's powerful, it's just not my cup of tea.

One of the reasons I avoid the site is due to my first experience with a Twitter virus. The virus hacked my account and then sent out messages to all of my followers - it took hours to clean up the mess. I've never had issues with other social networking sites like that.

Today's Twitter virus/hack was particularly nasty, sending out porn links and even went all the way to the White House:

MANHATTAN — Twitter users got a crash course in a sneaky new kind of virus Tuesday morning when a rampant bug swept through the social media website.

According to reports, users on the social media website were susceptible to the Twitter virus just by letting their mouse scroll over the link, giving the virus the chance to open an unauthorized pop-up window and then re-tweet itself through the user’s Twitter account, according to reports.

Among those affected was White House press secretary Robert Gibbs, whose twitter account sent out an unintelligible link early Tuesday, followed by a confused message.

“My Twitter went haywire - absolutely no clue why it sent that message or even what it is...paging the tech guys...,” Gibbs said on his Twitter feed Tuesday morning.

The virus appeared to be limited to spreading through the website, not Twitter applications like TweetDeck, TwitterBerry, or others, according to, which was the first to report the problem.

The so-called “cross site scripting” virus delivered pop-ups on users’ computers or sent users to third party websites including porn websites, according to Forbes.

The quick-spreading bug appeared to strike early Tuesday morning, and Twitter claimed it had patched the problem by 10:00 a.m., Mashable reported. Twitter’s website may have been made vulnerable by the new interface the company rolled out last week, according to reports.

Twitter spokeswoman Carolyn Penner said in an email, "The XSS attack should now be fully patched and is no longer exploitable," the Washington Post reported.

More discussion via Mashable and Memeorandum.

No comments:

Post a Comment

Commenting here is a privilege, not a right. Comments that contain cursing or insults and those failing to add to the discussion will be summarily deleted.