Twitter onMouseOver hack (1 Viewer)

pete

chronic procrastinator
Staff member
Since 1999
Joined
Nov 14, 1999
Messages
59,631
Solutions
3
Location
iPanopticon
Website
thumped.com
http://www.sophos.com/blogs/gc/g/2010/09/21/twitter-onmouseover-security-flaw-widely-exploited/

The Twitter website is being widely exploited by users who have stumbled across a flaw which allows messages to pop-up and third-party websites to open in your browser just by moving your mouse over a link.

Thousands of Twitter accounts have posted messages exploiting the flaw. Victims include Sarah Brown, wife of the former British Prime Minister.



It appears that in Sarah Brown's case her Twitter page has been messed with in an attempt to redirect visitors to a hardcore porn site based in Japan. That's obviously bad news for her followers - over one million of them.



To Mrs Brown's credit, she has posted a warning on her Twitter page:

don't touch the earlier tweet - this twitter feed has something very odd going on ! Sarah


ah sure you have to laugh
 

pete

chronic procrastinator
Staff member
Since 1999
Thread starter
Joined
Nov 14, 1999
Messages
59,631
Solutions
3
Location
iPanopticon
Website
thumped.com
1. why was this possible to start with? sloppy.
2. now that it's happened, why aren't they just filtering 'onmouseover' out of tweets? is it still sleepy time in california?
 

aoboa

Well-Known Member
Joined
Aug 1, 2001
Messages
4,083
Javascript onmouseover being used to Tweet, DM, RT and open 3rd party websites without having to click anything.
 

jonah

Well-Known Member
Joined
Apr 22, 2009
Messages
6,646
I am so thick, I moused over it twice. Even after realising what was happening after the first spammage. Granted it was a slip of the hand, but really you should just avoid the main website til its sorted.
 

Goodbye

New Member
Joined
Sep 8, 2001
Messages
15,290
Does anyone actually use twitter in a browser?

In real words; I only know of one person who does.
 

Users who are viewing this thread

21 Day Calendar

Gilla Band
National Stadium
145 S Circular Rd, Saint Catherine's, Dublin, D08 HY40, Ireland
Yule (15 Years)
Dalymount Park
7 Dalymount, Phibsborough, Dublin 7, D07 P2T0, Ireland

Latest Activity

Loading…

Support thumped.com

Support thumped.com and upgrade your account

Upgrade your account now to disable all ads... If we had any... Which we don't right now.

Upgrade now

Latest posts

Trending Threads

Latest threads

Top