Twitter.com under attack!

The Twitter website is being widely exploited by users who have stumbled across a flaw which allows messages to pop-up and third-party websites to open in your browser just by moving your mouse over a link.

UPDATE: The flaw has been patched. Thanks Vasu.

It appears that in some cases the Twitter pages have been messed with in an attempt to redirect visitors to a hardcore adult site based in Japan.

Thousands of Twitter accounts have posted messages exploiting the flaw.

It looks like many users are currently using the flaw for fun and games, but there is obviously the potential for cybercriminals to redirect users to third-party websites containing malicious code, or for spam advertising pop-ups to be displayed.

Hopefully Twitter will shut down this loophole as soon as possible – disallowing users to post the onMouseOver JavaScript code, and protecting users whose browsing may be at risk.

Do not use Twitter website currently! Right now you might be safer using a third-party Twitter client rather than the Twitter.com website, advises Sophos.

Posted by with Tags
Anand Khanse is the Admin of TheWindowsClub.com and a 10-year Microsoft MVP Awardee in Windows for the period 2006-16. He enjoys following and reporting Microsoft news and developments in the world of Personal Computing & Social Media.