Twitter ‘onMouseOver’ security flaw widely exploited

Published September 21, 2010 12:23 pm in Guest blog, Malware, Naked Security, Social networks, Spam, Twitter, Video 0

The Twitter website is being widely exploited by users who have stumbled across a flaw which allows messages to pop-up and third-party websites to open in your browser just by moving your mouse over a link. In a worrying development, messages are also spreading virally exploiting the cross-site-scripting (XSS) vulnerability without the consent of users.

Thousands of Twitter accounts have posted messages exploiting the flaw. Victims include Sarah Brown, wife of the former British Prime Minister.

Read more in my article at Naked Security.

Tags: onMouseOver, Twitter, Video, worm, XSS

Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast

Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:111: When rivals hack, and "extreme" baby monitors
110: What? You can get paid to leave Facebook?
109: Grinches target Amazon and Reddit, stealing Christmas from the poor

onMouseOver, Twitter, Video, worm, XSS

Navigation

No comments yet.

Leave a Reply Click here to cancel reply.

Categories

Contributors

Follow

Contact


79,941	3,071	16k