Slashdot Mirror

← Back to Stories (view on slashdot.org)

Twitter Suffers Web Interface Exploit

Posted by CmdrTaco on from the they-meant-to-tweet-that dept.

HaloZero writes "We're seeing lots of re-tweets on Twitter.com right now, all containing a fragment of JavaScript, which re-tweets itself when moused-over on the Twitter web interface. This could easily be muted into a more sinister attack, so it is recommended that you use a third party client application, or refrain from social media altogether until the problem is resolved."

4 of 165 comments (clear)

  1. Or mobile by bbtom · · Score: 3, Informative

    If you want to use the web interface, the mobile version isn't affected: http://m.twitter.com/

    --
    catch (HumourFailureException e) { e.user.send("You, sir, are a humourless idiot."); }
  2. Hosts file by MidnightPsycho · · Score: 3, Informative

    Add "t.co" to your Windows Hosts file - this will stop the jibberish text.
    Although the web interface is still broke. (The interface goes grey, and
    any click still tries to go to the t.co web page)

    Add this to your Hosts file:

    0.0.0.0 t.co

  3. Additional details from Netcraft, Sophos by 1sockchuck · · Score: 3, Informative

    There's more info on the spread of this exploit from Paul Mutton at Netcraft and Graham Cluely at Sophos.

  4. Now FIXED by bbtom · · Score: 3, Informative

    It is now FIXED.

    http://twitter.com/delbius/status/25120366027

    --
    catch (HumourFailureException e) { e.user.send("You, sir, are a humourless idiot."); }