razorsedge
September 22nd, 2010, 01:17 AM
he Twitter website is being widely exploited by users who have stumbled across a flaw which allows messages to pop-up and third-party websites to open in your browser just by moving your mouse over a link.
UPDATE: The flaw has been patched. Thanks Vasu.
twitter mouseover flaw Twitter.com under attack!
It appears that in some cases the Twitter pages have been messed with in an attempt to redirect visitors to a hardcore adult site based in Japan.
Thousands of Twitter accounts have posted messages exploiting the flaw.
It looks like many users are currently using the flaw for fun and games, but there is obviously the potential for cybercriminals to redirect users to third-party websites containing malicious code, or for spam advertising pop-ups to be displayed.
Hopefully Twitter will shut down this loophole as soon as possible – disallowing users to post the onMouseOver JavaScript code, and protecting users whose browsing may be at risk.
Do not use Twitter website currently! Right now you might be safer using a third-party Twitter client rather than the Twitter.com website, advises Sophos.
UPDATE: The flaw has been patched. Thanks Vasu.
twitter mouseover flaw Twitter.com under attack!
It appears that in some cases the Twitter pages have been messed with in an attempt to redirect visitors to a hardcore adult site based in Japan.
Thousands of Twitter accounts have posted messages exploiting the flaw.
It looks like many users are currently using the flaw for fun and games, but there is obviously the potential for cybercriminals to redirect users to third-party websites containing malicious code, or for spam advertising pop-ups to be displayed.
Hopefully Twitter will shut down this loophole as soon as possible – disallowing users to post the onMouseOver JavaScript code, and protecting users whose browsing may be at risk.
Do not use Twitter website currently! Right now you might be safer using a third-party Twitter client rather than the Twitter.com website, advises Sophos.