Twitter ‘onMouseOver’ security flaw widely exploited

Published September 21, 2010 12:23 pm in Guest blog, Malware, Naked Security, Social networks, Spam, Twitter, Video 0

The Twitter website is being widely exploited by users who have stumbled across a flaw which allows messages to pop-up and third-party websites to open in your browser just by moving your mouse over a link. In a worrying development, messages are also spreading virally exploiting the cross-site-scripting (XSS) vulnerability without the consent of users.

Thousands of Twitter accounts have posted messages exploiting the flaw. Victims include Sarah Brown, wife of the former British Prime Minister.

Read more in my article at Naked Security.

Tags: onMouseOver, Twitter, Video, worm, XSS

Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast

Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:096: Bribing Amazon staff, and blinking deepfakes
095: British Airways hack, Mac apps steal browser history, and one person has 285,000 texts leaked
094: Rogue browser extensions, Twitter presence, and how to cheat in exams

onMouseOver, Twitter, Video, worm, XSS

Navigation

No comments yet.

Leave a Reply Click here to cancel reply.

Categories

Contributors

Follow

Contact


76,702	2,975	16k