Twitter Virus Update: XSS Security Flaw Patched

Twitter Virus Update: XSS Security Flaw Patched

Few hours ago, an identified “onmouseover” security flaw on Twitter.com was widely exploited by users which allow messages to pop-up and open third-party websites in web browsers, automatically.
The messages were said to spread virally and happens when a user hover a link or when moving the mouse over a link on the dashboard.

via Sophos

According to the software security firm Sophos:

It looks like many users are currently using the flaw for fun and games, but there is obviously the potential for cybercriminals to redirect users to third-party websites containing malicious code, or for spam advertising pop-ups to be displayed.

You can watch this video demonstrating the exploit on Twitter.

Users of third-party Twitter client like Hootsuite and Tweetdeck are safe, as the exploit only works on Twitter.com website.

However, in a post– Twitter says that the said exploit, a.k.a. XSS attack, has already been identified and patched. That means it’s safer now to visit Twitter.com.

If you are new here, you can subscribe either by E-mail or by RSS Feeds. Follow me also on Twitter.

Bert Padilla

Founding-Editor of Cebu Tech Blogger where he shares insights in eCommerce, Digital Marketing, Ad Ops, Tech, Startups, Technopreneurship, Life Goals and Hacks. He's the brainchild and ninja of a Cebu-based digital agency, TekWorx.Digital, with ventures TekWorx, (eCommerce and Digital Marketing), AdWorx (Outsourced Ad Ops for Publishers) and BlogWorx (full-fledged Blog Development service). Read his Full Curriculum Vitae. For training and consultancy, services, speaking engagements, blog partnerships or media invites, click here. Alternatively, get in touch with him on Messenger.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Close Menu