twitter logo Twitter Hacked By Cross Site Scripting

Twitter may be a great way to inform friends about what one is currently doing in the form of short text messages, but is its service safe enough? That is a question you will have to ask yourself, especially after the popular service had been compromised yesterday by a hack which exposed users to pop-ups and retweeted messages without any approval.

Read on for more information.

twitter logo Twitter Hacked By Cross Site Scripting

Twitter may be nothing more than a harmless text-messaging service, but once again, hackers have found ways to turn the company’s own services into something notably more malicious. And that was precisely what hackers did to Tweeter’s home page yesterday.

According to a report by SILive.com, Twitter was alerted to the security breach after users found “mysterious tweets of blocked-out text propagating them(selves) and causing pop-up windows to open”. And all of these happened without the need for any interaction on the user’s end: all that was needed was for a user to move the cursors over the ‘tweet’ to activate the hack.

While the pop-ups were mostly deemed as harmless, the impact of such a hack has left security researchers worried, as future hackers may not be that forgiving when it comes to exploiting such vulnerabilities. In particular, Ray Dickenson, chief technology officer for SafeCentral, has expressed concern that authors of such hacks may attempt to make use of such scripting to redirect users to websites which can potentially infect PCs.

Twitter has also confirmed the attack, stating that the problem has since been fixed. However, it should be worth nothing that the hack’s impact was limited only to those who used Twitter’s website to send their messages: third-party applications were not affected.

Source: SILive.com