Twitter Hacked: 'Twitter Virus' Forces You to Tweet Porn Links

by Jordan Yerman | September 21, 2010 at 07:18 am

Twitter Virus Spreads via Rollover

A Twitter virus struck earlier today, and it was a nasty one. Using a JavaScript exploit, the virus would strike when you rolled over links in infected tweets. Your account would then retweet porn links. The "Twitter virus" can only hit you if you're using twitter.com itself; third-party Twitter clients such as Tweetdeck, Twhirl and Twitterfon are unaffected.

'Twitter Virus' Loophole Closed

The attack was not quite a true virus, but more of a Twitter hack that took advantage of a gaping security hole. Twitter has closed the loophole that allowed the "Twitter virus" (a worm, actually) to spread (and it spread like wildfire), but those infected tweets are still out there. Use a client for now, or don't mouse over anything.

The exploit takes advantage of a cross-site scripting (XSS) flaw in Twitter: users can post their own onmouseover scripts, which can do things like send you to porn sites. Sophos Labs has videos demonstrating the problem, which are attached here.

Sarah Brown, wife of former UK Prime Minister Gordon Brown, was victimized by the Twitter virus:

To Mrs Brown's credit, she has posted a warning on her Twitter page:

don't touch the earlier tweet - this twitter feed has something very odd going on ! Sarah

The exploit takes advantage of the JavaScript onMouseOver event handler, enticing users with colorful blocks of text ("rainbow tweets") and then retweeting those messages automatically when the block is moused over. In some cases the links launch pop-up windows; in others, users are directed to spam and porn sites.
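
As an added illustration (not code from Twitter, Sophos or the original article), the JavaScript below shows how an onmouseover handler can end up inside a link when tweet text is written into an HTML attribute unescaped, next to an escaped version and a check for event-handler attributes. The linkifier, the function names and the sample tweet are constructed assumptions; the article does not describe Twitter's actual rendering code.

```javascript
// Added example: constructed linkifier, not Twitter's code.
const URL_RE = /https?:\/\/\S+/g;
const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => ENTITIES[c]);
}

// Vulnerable: URL text is copied into href as-is, so a double quote in the
// tweet ends the attribute and the rest is parsed as new attributes.
function linkifyUnsafe(text) {
  return text.replace(URL_RE, (url) => `<a href="${url}">${url}</a>`);
}

// Hardened: every piece of user text is HTML-escaped before it is emitted,
// so quotes stay inside the href value and the link text.
function linkifySafe(text) {
  let out = '';
  let last = 0;
  for (const m of text.matchAll(URL_RE)) {
    const url = escapeHtml(m[0]);
    out += escapeHtml(text.slice(last, m.index)) + `<a href="${url}">${url}</a>`;
    last = m.index + m[0].length;
  }
  return out + escapeHtml(text.slice(last));
}

// Review/test helper: names of the attributes on <a> tags in rendered HTML.
function anchorAttributes(html) {
  const names = [];
  for (const tag of html.match(/<a\b[^>]*>/g) || []) {
    for (const m of tag.matchAll(/([a-zA-Z-]+)\s*=\s*"[^"]*"/g)) {
      names.push(m[1].toLowerCase());
    }
  }
  return names;
}

function hasEventHandler(html) {
  return anchorAttributes(html).some((n) => n.startsWith('on'));
}

// Constructed sample tweet; demo() is a harmless placeholder handler.
const SAMPLE_TWEET = 'look http://example.test/a"onmouseover="demo()"x=" now';

console.log('unsafe has handler:', hasEventHandler(linkifyUnsafe(SAMPLE_TWEET)));
console.log('safe has handler:  ', hasEventHandler(linkifySafe(SAMPLE_TWEET)));
```

A check like `hasEventHandler` belongs in a regression test over rendered output; the escaping in `linkifySafe` is what actually prevents the injected attribute.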

Videos

Twitter onmouseover security vulnerability widely exploited

First Flagged at 8:38 AM, Sep 21, 2010 by NowPublic Staff