Twitter attack spurs thousands of unintended tweets

Early Tuesday morning, Twitter fell victim to a cross-site scripting attack that resulted in many thousands of unintended tweets, spammy links, and more.

Using malicious Javascript, attackers were able to force “retweets” of specific status updates—some close to 30,000 times—if users so much as moused over an infected tweet while logged in. Only the Twitter Website itself was affected; folks who relied on desktop or mobile versions of Twitter wouldn’t have noticed the exploit, save for a few appearances of the nefarious tweets in their timelines.

By around 9:45 a.m. Eastern time, Twitter had acknowledged the attack and begun working on the fix for its breakfast-chronicling, celebrity-stalking, microblogging network. The company reports that the patch to fix the vulnerability is rolling out across its servers.

To comment on this article and other Macworld content, visit our Facebook page or our Twitter feed.
Shop Tech Products at Amazon