Twitter hack opens popups, causes havoc - CBS News 8 - San Diego, CA News Station - KFMB Channel 8

Twitter hack opens popups, causes havoc

Posted: Updated:

NEW YORK (AP) — A new way to cause mischief quickly spread through short-messaging service Twitter on Tuesday morning before the site could fix the problem, as mysterious "tweets" of blocked-out text propagated themselves and caused popup windows to open.

Shortly before 10 a.m. Eastern time, (1400 GMT), Twitter said on its "safety" feed on the site that the attack had been shut down. It also said it does not believe that any user information was compromised, rather, the "vast majority" of the breaches were pranks or promotions.

The hack had been extra nefarious because the tweets activated without being clicked on — it was enough for Web surfers to move their mouse cursors over them. But it only affected visitors to Twitter.com. Various third-party programs used to send and read tweets, such as Tweetdeck, were unaffected.

The popups could, though didn't necessarily, contain malicious code that could take over poorly protected computers. The White House's official Twitter feed — followed by 1.8 million users — was among those affected, though the offending message was quickly taken down.

Fittingly for Twitter, which limits messages to just 140 characters, the virus may have been among the shortest on record. According to security software maker F-Secure Corp., the shortest virus so far was just 22 characters long.

Twitter said in a blog post it was notified of the security breach at 5:54 a.m. Eastern time. The problem was caused by something called "cross-site scripting." This allowed users to run JavaScript programs on others' computers, turning tweets different colors or causing the pop-up boxes to appear. Some users, Twitter added, took things a step further and included code that got people's accounts to re-tweet the messages without their knowledge.

"It was like a massive snowball fight that got out of control," said Ray Dickenson, chief technology officer at computer security firm SafeCentral.

But while the effects of Tuesday's mischief were very visible — such as the pop-ups — and playful, Dickenson said that he was worried because JavaScript can quietly do more malicious things, like sending people to sites that can infect computers.

Security breaches had been common in Twitter's early days, but the company has since worked to beef up its vigilance and the problems have become less common. Tuesday's hack coincided with Twitter's ongoing rollout of a redesign of its website, which tries to streamline users' Twitter feeds and make it easier to see photos and videos directly on the site, without having to click on a link to YouTube or Flickr.

Twitter said it discovered and fixed this problem last month, and that a recent site update unrelated to the redesign was responsible for its return.

 

 

Copyright 2010 The Associated Press.

  • CBS 8 FeaturesMore>>

  • San Diego County’s campaign finance data is hard to search. We’re here to help

    San Diego County’s campaign finance data is hard to search. We’re here to help

    Friday, April 20 2018 1:58 AM EDT2018-04-20 05:58:00 GMT
    This is a stack of Form 460s photographed on April 16, 2018. They are the most comprehensive finance reports that a California political campaign must file.This is a stack of Form 460s photographed on April 16, 2018. They are the most comprehensive finance reports that a California political campaign must file.

    In 2006, the city of San Diego began allowing political campaigns to electronically file their financial reports, giving the public easy access to information on money in city politics. The county of San Diego wasn’t as quick to make the same kind of information available and continues to lag behind the city’s efforts.

     

    In 2006, the city of San Diego began allowing political campaigns to electronically file their financial reports, giving the public easy access to information on money in city politics. The county of San Diego wasn’t as quick to make the same kind of information available and continues to lag behind the city’s efforts.

     
  • City leaders discuss the future of animal services

    City leaders discuss the future of animal services

    Thursday, April 19 2018 9:02 PM EDT2018-04-20 01:02:04 GMT

    Despite a dispute over contract stipulations, the San Diego City Council's Budget and Government Efficiency Committee advanced a proposal to have the San Diego Humane Society provide the city's animal services.

     

    Despite a dispute over contract stipulations, the San Diego City Council's Budget and Government Efficiency Committee advanced a proposal to have the San Diego Humane Society provide the city's animal services.

     
  • Unique pop-up exhibit celebrates avocados

    Unique pop-up exhibit celebrates avocados

    Thursday, April 19 2018 5:09 PM EDT2018-04-19 21:09:03 GMT

    By mid-June, San Diego will be home to The Cado, a first of its kind pop-up featuring multi-sensory art installations designed to take you inside, and out, of a California avocado.

     

    By mid-June, San Diego will be home to The Cado, a first of its kind pop-up featuring multi-sensory art installations designed to take you inside, and out, of a California avocado.

     
Powered by Frankly
All content © Copyright 2000 - 2018 Midwest Television, Inc. All Rights Reserved.
For more information on this site, please read our Privacy Policy, and Terms of Service, and Ad Choices.