Network News

X My Profile
View More Activity
Anchored by Melissa Bell  |  About  |  Get Updates:  Twitter  |  Facebook  |  RSS Feeds RSS Feed

Twitter virus 'onMouseOver' pinned on 17-year-old Australian and Japanese developer

Yesterday's Twitter "onMouseOver" virus had the social media site aflutter when a bug spread rapidly through users' feeds thanks to a loophole in the site's security.

Although the company said no major damage had come from the virus, it did reveal a major vulnerability and raised fears that another security breach could spread massive damage very quickly.

Now, Mashable reports that the originators of the virus have come forward to claim responsibility. Pearce Delphin, or @zzap on Twitter, tweeted a code with a JavaScript function that other users modified to perform auto retweets and open third-party sites.

Someone call up the script kiddies, we got sum XSS exploits over here.less than a minute ago via TweetDeck

Guardian reports that Masato Kinugawa, a Japanese developer, reported the vulnerability to Twitter on Aug. 14, but found the same problem when the new Twitter launched a month later. He created the function to turn tweets different colors.

The most interesting bit about this is how time zones affected the spread of the virus. The virus started in the afternoon in China and spread west as users woke up. It hit Sweden, then Russia, until finally making its way to Twitter headquarters in California. Read the whole story here.

By Melissa Bell  | September 22, 2010; 10:05 AM ET
Categories:  The Daily Catch  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Music Morning: Nick Cave and Joan Jett do not duet
Next: Bob Woodward book buildup: The reactions begin

No comments have been posted to this entry.

Post a Comment

We encourage users to analyze, comment on and even challenge washingtonpost.com's articles, blogs, reviews and multimedia features.

User reviews and comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. Finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site. Please review the full rules governing commentaries and discussions.




characters remaining

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company