Twitter ‘onMouseOver’ security flaw widely exploited

Published September 21, 2010 12:23 pm in Guest blog, Malware, Naked Security, Social networks, Spam, Twitter, Video 0

The Twitter website is being widely exploited by users who have stumbled across a flaw which allows messages to pop-up and third-party websites to open in your browser just by moving your mouse over a link. In a worrying development, messages are also spreading virally exploiting the cross-site-scripting (XSS) vulnerability without the consent of users.

Thousands of Twitter accounts have posted messages exploiting the flaw. Victims include Sarah Brown, wife of the former British Prime Minister.

Read more in my article at Naked Security.

Tags: onMouseOver, Twitter, Video, worm, XSS

Share this article:

Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast

Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:120: Silk Road with Deliveroo
119: Hijacked homes, porn passports, and ransomware regret
118: The 's' in IoT stands for security

onMouseOver, Twitter, Video, worm, XSS

Navigation

No comments yet.

Leave a Reply Click here to cancel reply.

Categories

Contributors

Follow

Contact


81,754	3,138	16k