Internet | 21.09.2010

Warning: Twitter under attack

A security vulnerability in Twitter is being exploited to redirect users to websites without their consent and to “retweet,” or broadcast, the link to their followers.

Only those users who view the links on the official Twitter web interface while logged into their accounts seem to be affected at present, however.

What makes the “virus” unusual is that users don’t have to click on a link to be affected. It uses JavaScript attached to an “onMouseOver” event, which fires as soon as the pointer moves over the link, to make the user’s Twitter account do the bidding of the exploiter.

Mashable reports that they’ve seen versions of the exploit opening popups and redirecting users to pornographic websites.

One of the links, kindly provided by one of the people we follow, creates an overlay over the whole Twitter interface, retweets the link and sends a direct message somewhere.

We contacted Twitter for comment and received their standard “Something is technically wrong. Thanks for noticing…” message, but haven’t received any word from them yet.

ReadWriteWeb reports that Twitter has said that the cross-site scripting (XSS) attack has been identified and patched. We can confirm that for our accounts, including a throwaway account we created to test some of the attack-tweets, the exploit doesn’t seem to be working anymore.
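
The article does not describe the flaw itself, so the following is an added illustration, not Twitter's code: it assumes a hypothetical renderer that turns URLs in a message into links, and shows how unencoded text inside an attribute lets an “onMouseOver” handler appear, next to an output-encoding fix and a regression check. All function names and the sample message are constructed.

```javascript
// Added illustration: a hypothetical tweet-to-HTML renderer (not Twitter's code).
const URL_RE = /https?:\/\/\S+/g;
const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode text for HTML body and quoted-attribute contexts.
function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => ENTITIES[c]);
}

// Weak form: the matched URL is pasted into href="..." unencoded, so a double
// quote inside it closes the attribute and the rest is parsed as new attributes.
function renderWeak(text) {
  return text.replace(URL_RE, (u) => `<a href="${u}">${u}</a>`);
}

// Hardened form: the URL must parse as http(s); it and all other text are encoded.
function linkOrText(candidate) {
  try {
    const u = new URL(candidate);
    if (u.protocol !== 'http:' && u.protocol !== 'https:') return escapeHtml(candidate);
    return `<a href="${escapeHtml(u.href)}" rel="nofollow">${escapeHtml(candidate)}</a>`;
  } catch {
    return escapeHtml(candidate); // not a valid URL: show it as plain text
  }
}

function renderSafe(text) {
  let out = '';
  let last = 0;
  for (const m of text.matchAll(URL_RE)) {
    out += escapeHtml(text.slice(last, m.index)) + linkOrText(m[0]);
    last = m.index + m[0].length;
  }
  return out + escapeHtml(text.slice(last));
}

// Regression check: names of event-handler (on*) attributes in rendered markup.
// Simplified tag scan, enough for this renderer's output; not a full HTML parser.
function eventHandlerAttrs(html) {
  const names = [];
  for (const tag of html.match(/<[a-zA-Z][^>]*>/g) || []) {
    for (const a of tag.matchAll(/([^\s"'=<>\/]+)\s*=\s*(?:"[^"]*"|'[^']*'|[^\s>]+)/g)) {
      if (/^on/i.test(a[1])) names.push(a[1].toLowerCase());
    }
  }
  return names;
}

// Constructed sample input with a harmless no-op handler body.
const SAMPLE = 'look at http://example.test/"onmouseover="void(0)';
console.log(eventHandlerAttrs(renderWeak(SAMPLE)), eventHandlerAttrs(renderSafe(SAMPLE)));
```

Running the check against every rendering path in a test suite catches a regression where user text reaches an attribute unencoded.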
