Twitter users hit by viral hack attack


Twitter users hit by viral hack attack

Jenny Williams

Twitter users were victims of a cross-site scripting (XSS) vulnerability today as users reported message pop-ups and third-party websites being accessed without consent.

In a statement, Twitter said the exploit is now fully patched. "We have identified and are patching an XSS attack; as always, please message @safety if you have info regarding such an exploit," said Twitter.

In a blog post, Sophos security expert Graham Cluley said, "It looks like many users are currently using the flaw for fun and games, but there is obviously the potential for cybercriminals to redirect users to third-party websites containing malicious code, or for spam advertising pop-ups to be displayed.

"Some users are also seemingly deliberately exploiting the loophole to create tweets that contain blocks of colour, known as 'rainbow tweets'. Because these messages can hide their true content they might prove too hard for some users to resist clicking on them," he added.

Cluley advised users to use a third-party Twitter client rather than until the flaw is fixed.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy