Twitter onMouseOver hack (1 Viewer)

pete

chronic procrastinator
Staff member
Since 1999
Joined
Nov 14, 1999
Messages
62,900
Solutions
3
Location
iPanopticon
Website
thumped.com
http://www.sophos.com/blogs/gc/g/2010/09/21/twitter-onmouseover-security-flaw-widely-exploited/

The Twitter website is being widely exploited by users who have stumbled across a flaw which allows messages to pop-up and third-party websites to open in your browser just by moving your mouse over a link.

Thousands of Twitter accounts have posted messages exploiting the flaw. Victims include Sarah Brown, wife of the former British Prime Minister.



It appears that in Sarah Brown's case her Twitter page has been messed with in an attempt to redirect visitors to a hardcore porn site based in Japan. That's obviously bad news for her followers - over one million of them.



To Mrs Brown's credit, she has posted a warning on her Twitter page:

don't touch the earlier tweet - this twitter feed has something very odd going on ! Sarah


ah sure you have to laugh
 
1. why was this possible to start with? sloppy.
2. now that it's happened, why aren't they just filtering 'onmouseover' out of tweets? is it still sleepy time in california?
 
Javascript onmouseover being used to Tweet, DM, RT and open 3rd party websites without having to click anything.
 
I am so thick, I moused over it twice. Even after realising what was happening after the first spammage. Granted it was a slip of the hand, but really you should just avoid the main website til its sorted.
 
Does anyone actually use twitter in a browser?

In real words; I only know of one person who does.
 

Users who are viewing this thread

Activity
So far there's no one here
Old Thread: Hello . There have been no replies in this thread for 365 days.
Content in this thread may no longer be relevant.
Perhaps it would be better to start a new thread instead.

21 Day Calendar

Mohammad Syfkhan 'I Am Kurdish' Dublin Album Launch
Bello Bar
1 Portobello Harbour, Saint Kevin's, Dublin, Ireland
Mohammad Syfkhan 'I Am Kurdish' Dublin Album Launch
Bello Bar
1 Portobello Harbour, Saint Kevin's, Dublin, Ireland
Bloody Head, Hubert Selby Jr Infants, Creepy Future - Dublin
Anseo
18 Camden Street Lower, Saint Kevin's, Dublin, Ireland

Support thumped.com

Support thumped.com and upgrade your account

Upgrade your account now to disable all ads... If we had any... Which we don't right now.

Upgrade now

Latest threads

Latest Activity

Loading…
Back
Top