News

Twitter patches porn site worm flaw

21 Set/10

Twitter has today updated its website to patch a flaw that was allowing spammers to cause multiple pop-ups with links to porn websites.

The code has beens spread by worms and thousands of people around the world have been caught out.  The self-replicating worm exploited a cross scripting (XSS) vulnerability and used just a small amount of Javascript to automatically direct Twitter website users to another website.

The vulnerability appeared to users as a coloured block that users only had to mouse-over to activate.

It only affected people directly using the website Twitter.com and not other third-party software such as TweetDeck or applications on smartphones.

The worm was initially created by Magnus Holm who “”simply wanted to exploit the hole without doing any ‘real’ harm” according to BBC News.  “It started off as ‘ha, no way this is going to work’.”  The flaw was later identified by others however after he used it and was then used for more unwanted purposes.

Mr Holm said he’d seen the worm passed around in at least 200,000 tweets.

In April 2009 Twitter suffered another attack that spread links to a rival website.  Twitter security chief Bob Lord said today This issue is now resolved. We apologise to those who may have encountered it.”


© Mike Halsey for gHacks Technology News, 2010. | Permalink | Add to del.icio.us, digg, facebook, reddit, twitter
Post tags: , , ,

Continua a leggere – Original Link: Twitter patches porn site worm flaw

Technorati Tags: , , , , , , , , , ,

Leggi Anche

Condividi
Condividi in DeliciousCondividi in DiggCondividi in RedditCondividi in StumbleCondividi in MixxCondividi in TecnoratiCondividi in Ok Notizie

Commenti

I commenti sono disabilitati per questo articolo.

I commenti sono chiusi.

Autore

Gestionale Immobiliare - Realizzazione Sito Web per Agenzia Immobiliare

Archivio

Iscrizione Newsletter

    Tieniti informato con tutte le novità del mondo informatico con la nostra newsletter
    Email:

    Nome:

    Auto Shop Italia
    Web Burning Blog
    Info Privacy

Meta