Twitter ‘onMouseOver’ security flaw widely exploited

Published September 21, 2010 12:23 pm in Guest blog, Malware, Naked Security, Social networks, Spam, Twitter, Video 0

The Twitter website is being widely exploited by users who have stumbled across a flaw which allows messages to pop-up and third-party websites to open in your browser just by moving your mouse over a link. In a worrying development, messages are also spreading virally exploiting the cross-site-scripting (XSS) vulnerability without the consent of users.

Thousands of Twitter accounts have posted messages exploiting the flaw. Victims include Sarah Brown, wife of the former British Prime Minister.

Read more in my article at Naked Security.

Tags: onMouseOver, Twitter, Video, worm, XSS

Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast

Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:104: The world's most evil phishing test, and cyborgs in the workplace
103: An Instagram nightmare, crazy iPhone deaths, and election hack claims
102: Ethical dilemmas, Girl Scouts, and porn-loving US officials

onMouseOver, Twitter, Video, worm, XSS

Navigation

No comments yet.

Leave a Reply Click here to cancel reply.

Categories

Contributors

Follow

Contact


78,315	3,017	16k