Network News

X My Profile
View More Activity
Anchored by Melissa Bell  |  About  |  Get Updates:  Twitter  |  Facebook  |  RSS Feeds RSS Feed

Twitter bug attacks the Internet interface

Update, 1:36 p.m.

The Twitter blog has new details about the Twitter virus that ran rampant through the site this morning, starting about 6 a.m. Eastern. The blog said a recent site update created the loophole but it did not have to do with the launch of the new Twitter interface.

It says, "Someone created an account that exploited the issue by turning tweets different colors and causing a pop-up box with text to appear when someone hovered over the link in the Tweet. This is why folks are referring to this an 'onMouseOver' flaw -- the exploit occurred when someone moused over a link."

The blog states that no private data have been revealed and that it should not harm any computers. However, users might still see stray tweets in their feed. Read the whole statement here.

10:30 a.m.
This morning a strange notice started popping up on Twitter feeds. There was a link and then HTML code. If users on Twitter.com moused over the link, a black box popped up, redirected them to a porn site and sent out the bug to their followers.

The virus took advantage of a security loophole introduced with the new Twitter interface a system update, but the problem seems to have been resolved. Twitter spokeswoman Carolyn Penner said in an e-mail, "The XSS attack should now be fully patched and is no longer exploitable."

Mashable was one of the first sites to put out a warning about the Twitter bug and news quickly spread through Twitter. The news did not spread quickly enough for thousands of users, however. Even the White House press secretary was not immune to the bug:

My Twitter went haywire - absolutely no clue why it sent that message or even what it is...paging the tech guys...less than a minute ago via web

Third-party Twitter sites, such as HootSuite and TweetDeck, did not seem to be affected. Seeing as the flashy launch of the new site was meant to draw users back to the Twitter interface, this virus comes at a bad time for the company, as people probably will do the complete opposite.

The virus also highlights the problem of URL shorteners. Because of the 140-character limit for tweets, many people use shorteners to convert a long URL. The Post, for example, uses "http://wapo.st." There are complaints that the shortened links do not allow people to know what they are clicking on, or in this case, moving their mouse over, leaving people vulnerable to attack.

By Melissa Bell  | September 21, 2010; 1:37 PM ET
Categories:  The Daily Catch  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Glenn Beck approves of Jon Stewart/Stephen Colbert rallies
Next: As National Book Festival approaches, we wonder: Which books changed your world?

Comments

Twitter is for vapid, egotistical people, who think everyone else is enthralled with the mundane details of their pathetic lives. Quit acting like school children, and grow up already.

Posted by: thomasmc1957 | September 21, 2010 11:22 AM | Report abuse

To the (left handed) thomasmc1957,
Congrats, you are obviously a card-carrying vapid, egotistical person. Enjoy your infantile outburst.
And may I compliment you on your eloquence...


Nope, sorry, got nothin'

.

Posted by: secapp | September 21, 2010 11:47 AM | Report abuse

Thomas: Have you ever really used twitter before? Sure, there's a lot of the "I'm running to the store" type updates but there's also a lot of really good information out there from reporters, researchers, politicians, etc. You can pick and choose who you follow so you can avoid the mindless drivel you're so annoyed by. You certainly don't have to use it if it isn't your cup of tea but to bash something that you obviously have very little experience with doesn't make a great deal of sense.

Posted by: ArlingtonVA3 | September 21, 2010 12:18 PM | Report abuse

Wait -- wasn't there a new Futurama episode about this? LOL.

Posted by: MiuBot116 | September 21, 2010 1:37 PM | Report abuse

must quickly solve this technical problem,TWITTER IS BIG SOCIAL NETWORK.

Posted by: hlmelsaid761 | September 21, 2010 4:43 PM | Report abuse

Post a Comment

We encourage users to analyze, comment on and even challenge washingtonpost.com's articles, blogs, reviews and multimedia features.

User reviews and comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. Finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site. Please review the full rules governing commentaries and discussions.




characters remaining

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company