Twitter hack sends users to hardcore porn sites
September 22nd, 2010 - 3:14 pm ICT by ANIWashington, Sept 22 (ANI): Hackers have managed to exploit a security flaw on the popular micro-blogging site Twitter, by activating pop-ups and even directing some users to hardcore porn sites.
The hack utilized the onMouseOver JavaScript code to run automatically when a user visits the Twitter.com site, tweeting itself out to other users and redirecting users to malicious sites.
According to security analysis firm Sophos, simply running your mouse over certain tweets could activate pop-ups, send you messages, or even redirect you to another site.
“It’s tens of thousands if not hundreds of thousands of messages that have been posted,” Fox News quoted Sophos senior technology consultant Graham Cluley as saying.
“It’s pretty widespread and has left some major egg on the face of Twitter.
“It shouldn’t be possible to plant JavaScript code like this into your tweets,” he said.
Cluley also added that there is obviously the potential for cybercriminals to redirect users to third-party websites containing malicious code.
He said many current security risks are two-part procedures, as first they take over a browser and redirect the PC to a compromised website, then they load up additional code to continue the exploit.
Twitter representatives have said that the security flaw has been fixed.
“The XSS attack should now be fully patched and no longer exploitable. Thanks, those reporting it,” the company wrote in its Safety news feed. (ANI)
- Twitter Hacked? Loophole Found And Fixed, Users Relieved - Sep 22, 2010
- JavaScript can allow anyone to access your web-surfing history - Dec 04, 2010
- Twitter suffers from a security flaw, recovers from a security attack - Sep 21, 2010
- Beware Of Facebook Worm, Thousands Infected - Jun 05, 2010
- 'Clickjacking' epidemic spreads across Facebook - Jun 04, 2010
- Warning for Facebook users: 'Sexiest video' message contains malware - May 19, 2010
- Twitterati should be aware of worms, warns experts - May 03, 2009
- Lady Gaga's free iPad contest is a hoax - Dec 22, 2011
- Cyber criminals increasingly targeting social networks - Jan 19, 2011
- British Royal Navy's Website Hacked, Restoration Continues - Nov 09, 2010
- Facebook in row over moderation process - Mar 03, 2012
- Facebook scam says Lady Gaga's dead! - Aug 07, 2011
- Attack on Gawker enables spammers to take over Twitter accounts - Dec 14, 2010
- Experts warn against iPhone security flaw - Aug 05, 2010
- Cyber criminals to target social networks, mobile devices: Security Report - Apr 06, 2011
Tags: cybercriminals, fox news, hack, hackers, hardcore porn, hundreds of thousands, malicious code, news feed, onmouseover javascript, party websites, pop ups, safety news, security analysis, security flaw, security risks, senior technology, technology consultant, tweets, twitter, ups