Twitter Explains Away “onMouseOver” Attack

After receiving numerous reports from the twitterverse and blogosphere, Twitter has finally posted an explanation regarding the “onMouseOver” exploit.

The short story: This morning at 2:54 am PDT Twitter was notified of a security exploit that surfaced about a half hour before that, and we immediately went to work on fixing it. By 7:00 am PDT, the primary issue was solved. And, by 9:15 am PDT, a more minor but related issue tied to hovercards was also fixed.

The longer story: The security exploit that caused problems this morning Pacific time was caused by cross-site scripting (XSS). Cross-site scripting is the practice of placing code from an untrusted website into another one. In this case, users submitted javascript code as plain text into a Tweet that could be executed in the browser of another user. (Official Twitter Blog)

The company acknowledges that the exploit seemed to be geared more towards pranking users or promotion (note: of what the Twitter teams fails to elaborate), although they also stated that the exploit thus far didn’t seem to cause mayhem upon anyone’s computer.

According to Twitter the “onMouseOver” exploit only affected users tweeting from Twitter.com, as users utilizing official or third party apps (i.e. Twitter for iPad, Echofon, etc.) were not affected.

See Also

While this hack did cause an uproar in the twitterverse (as few knew how dangerous the exploit was), it probably justifies Twitter stance on using their own short URL in order to verify links being shared online.

Either way users should always be careful upon clicking links on Twitter, and only click on links from people (or organizations) that they trust.

Feeling stuck in self-doubt?

Stop trying to fix yourself and start embracing who you are. Join the free 7-day self-discovery challenge and learn how to transform negative emotions into personal growth.

Join Free Now

Picture of Darnell Clayton

Darnell Clayton

Darnell Clayton is a geek who discovered blogging long before he heard of the word "blog" (he called them "web journals" then). When he is not tweeting, friendfeeding, or blogging about space, he enjoys running, reading and describing himself in third person.

RECENT ARTICLES

TRENDING AROUND THE WEB

7 ways to politely get someone to leave your house when they just won’t go

7 ways to politely get someone to leave your house when they just won’t go

Global English Editing

4 Zodiac signs that are most likely to become self-made millionaires

4 Zodiac signs that are most likely to become self-made millionaires

Parent From Heart

People who can eat ‘messy’ foods in public without feeling self-conscious usually display these 8 traits

People who can eat ‘messy’ foods in public without feeling self-conscious usually display these 8 traits

NewsReports

If you never put up with these behaviors from others, you have a very confident personality

If you never put up with these behaviors from others, you have a very confident personality

Hack Spirit

7 habits of resilient people who bounce back stronger after setbacks, according to psychology

7 habits of resilient people who bounce back stronger after setbacks, according to psychology

Global English Editing

4 zodiac signs who have below-average social skills

4 zodiac signs who have below-average social skills

My Inner Creative