A massive security breach on Twitter this morning saw thousands of users being sent links to porn sites.
If you visited the site this morning, you were probably greeted by several unusual tweets from friends displaying lines of JavaScript. Move your mouse over them and you would have become the next victim in this attack.
Twitter has now fixed this, making the site safe to visit again. Here’s what was going on:
An internet worm was redirecting users to new websites, largely porn-based, because of a flaw detected on Twitter last night.
The bug spread quickly because it was triggered as soon as the mouse hovered over a chunk of ‘infected’ text. Users did not have to click on the link to become the latest victim of this hack.
Hackers exploited a cross-site scripting (XSS) flaw that made it possible to include JavaScript in tweets, baiting unsuspecting users.
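To show why a hover was enough, here is an added example (not Twitter's code, and not from the original article) of a tweet renderer that pastes user text into an HTML attribute unescaped, next to a hardened version and a regression check. It assumes, for illustration only, that the renderer turns URLs in tweet text into links; all function names and the sample tweet are constructed.

```javascript
// Added example; function names and the auto-linking step are assumptions.
const URL_RE = /https?:\/\/\S+/g;

// Escape the characters that are significant in HTML text and quoted attributes.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, c => map[c]);
}

// Vulnerable: the URL is pasted into href="..." as-is, so a double quote
// inside it closes the attribute and the rest is parsed as new attributes.
function linkifyUnsafe(text) {
  return text.replace(URL_RE, u => `<a href="${u}">${u}</a>`);
}

// Hardened: every piece of user text is escaped for its context before output.
function linkifySafe(text) {
  let out = '', last = 0;
  for (const m of text.matchAll(URL_RE)) {
    const u = escapeHtml(m[0]);
    out += escapeHtml(text.slice(last, m.index)) + `<a href="${u}" rel="nofollow">${u}</a>`;
    last = m.index + m[0].length;
  }
  return out + escapeHtml(text.slice(last));
}

// Regression check: list on* event-handler attributes found in opening tags.
// Quoted attribute values are blanked first so only attribute names are inspected.
function eventHandlerAttrs(html) {
  const found = [];
  for (const tag of html.match(/<[a-z][^>]*>/gi) || []) {
    const names = tag.replace(/"[^"]*"|'[^']*'/g, '""');
    for (const m of names.matchAll(/[\s"'\/](on[a-z]+)\s*=/gi)) found.push(m[1].toLowerCase());
  }
  return found;
}

// Constructed sample tweet with a harmless handler body.
const SAMPLE = 'look http://example.test/"onmouseover="void(0)"/ now';
console.log(eventHandlerAttrs(linkifyUnsafe(SAMPLE)));
console.log(eventHandlerAttrs(linkifySafe(SAMPLE)));
```

A check like `eventHandlerAttrs` belongs in the renderer's test suite, run against a corpus of hostile-looking inputs, so that a later refactor cannot silently reintroduce the unescaped path.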
This security flaw definitely raises questions about Twitter’s ability to deflect attacks as its star rises. The hack appears to have only affected users on the old Twitter website, as this never became an issue on the new Twitter homepage that has started rolling out.