Thursday, 12 June 2014

Twitter App Shut Down Over Self-Sending Tweet

Twitter's TweetDeck dashboard

A popular Twitter app has been temporarily taken offline after a cyber attack allowed a garbled message to be automatically re-tweeted.
The security flaw in TweetDeck, a web-based tool used by many Twitter users to send messages and manage their accounts, saw tens of thousands of people unwittingly post a line of code.
Users only found out they had been affected when a pop-up window appeared.
Twitter initially told TweetDeck users to log out and log back in.
But when that fix proved ineffective, the social networking site switched off the application's access to tweets for about an hour while engineers worked on a permanent solution.
There are no reports of any personal data having been obtained and, unlike with other recent security breaches, Twitter has not asked users to reset their passwords.
The attack exploited a "cross-site scripting", or XSS, vulnerability, which effectively allows code from an untrusted source to be placed into another website's pages, where it runs in the browsers of the users who view them.
Twitter was hit by a similar bug in 2010, when an attacker posted code that turned tweets different colours and caused a pop-up box to appear when a user hovered over a link in the tweet.
