This article is from the source 'bbc' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at http://www.bbc.co.uk/go/rss/int/news/-/news/technology-11382469
The article has changed 5 times. There is an RSS feed of changes available.
| Version 2 | Version 3 |
|---|---|
| Twitter scrambles to block worms | Twitter scrambles to block worms |
| (40 minutes later) | |
| By Jonathan Fildes Technology reporter, BBC News | By Jonathan Fildes Technology reporter, BBC News |
| Twitter has patched a flaw in its website that was being exploited to pump out pop-up messages and links to porn sites. | Twitter has patched a flaw in its website that was being exploited to pump out pop-up messages and links to porn sites. |
| Initially, users only had to move their mouse over a message containing a link - not click it - to open it in the browser. | Initially, users only had to move their mouse over a message containing a link - not click it - to open it in the browser. |
| The code was spread by worms, self-replicating, malicious pieces of code. | The code was spread by worms, self-replicating, malicious pieces of code. |
| Thousands of users were caught out by the flaw, including Sarah Brown, the wife of the UK's former Prime Minister. | Thousands of users were caught out by the flaw, including Sarah Brown, the wife of the UK's former Prime Minister. |
| "The exploit is fully patched," Twitter said on its status blog. | "The exploit is fully patched," Twitter said on its status blog. |
| People using third-party Twitter software - such as Tweetdeck - were unaffected by the problem. | People using third-party Twitter software - such as Tweetdeck - were unaffected by the problem. |
| The flaw comes just one week after Twitter rolled out a major redesign of its site. | The flaw comes just one week after Twitter rolled out a major redesign of its site. |
| 'No regrets' | 'No regrets' |
| The code exploited what is known as a cross-site scripting (XSS) vulnerability, a flaw in a website that can be exploited by relatively simple code. | The code exploited what is known as a cross-site scripting (XSS) vulnerability, a flaw in a website that can be exploited by relatively simple code. |
| In the case of the most recent flaw, the command - written in a programming language called Javascript - automatically directed users to another website, some of which contained pornography. | In the case of the most recent flaw, the command - written in a programming language called Javascript - automatically directed users to another website, some of which contained pornography. |
| The malicious links looked like a block of colour or a random URL that contained the code "onmouseover", which triggered when the cursor hovered over the link. | The malicious links looked like a block of colour or a random URL that contained the code "onmouseover", which triggered when the cursor hovered over the link. |
| As well as directing users to websites and pop-ups, the code also sent a message from the infected user's account containing more code, essentially making the command self-replicating. | As well as directing users to websites and pop-ups, the code also sent a message from the infected user's account containing more code, essentially making the command self-replicating. |
| "There is no legitimate reason to tweet Javascript," Graham Cluley, a researcher at security firm Sophos, told BBC News. | "There is no legitimate reason to tweet Javascript," Graham Cluley, a researcher at security firm Sophos, told BBC News. |
| The first self-replicating code, or worm, seems to have been written by a developer called Magnus Holm. | The first self-replicating code, or worm, seems to have been written by a developer called Magnus Holm. |
| "I simply wanted to exploit the hole without doing any 'real' harm," he told BBC News. "It started off as 'ha, no way this is going to work'." | "I simply wanted to exploit the hole without doing any 'real' harm," he told BBC News. "It started off as 'ha, no way this is going to work'." |
| He said the flaw had been identified by others and had already been used for other means. | He said the flaw had been identified by others and had already been used for other means. |
| "There were several other tiny hacks using the exploit - I only created the worm," he said. | "There were several other tiny hacks using the exploit - I only created the worm," he said. |
| Mr Holm said he had seen his worm passed around in at least 200,000 messages. | Mr Holm said he had seen his worm passed around in at least 200,000 messages. |
| Others soon copied his code using "other nasty or smart tricks" he said, including directing people to porn sites. | Others soon copied his code using "other nasty or smart tricks" he said, including directing people to porn sites. |
| "It was only a matter of time before more serious worms started." | "It was only a matter of time before more serious worms started." |
| A Twitter user called Matsta appeared to have spread one variant. Their account has now been suspended. | |
| Mr Holm said he had no regrets about his actions and was "not sure" whether he would receive a call from Twitter. | |
| It is not the first time the service has suffered an attack. | It is not the first time the service has suffered an attack. |
| In April 2009, another worm spread links to a rival site, again showing unwanted messages on infected user accounts. | In April 2009, another worm spread links to a rival site, again showing unwanted messages on infected user accounts. |
| Mr Cluley said that Twitter needs "much tighter control" over what users can contain in a tweet to prevent similar problems in the future. | Mr Cluley said that Twitter needs "much tighter control" over what users can contain in a tweet to prevent similar problems in the future. |
| He also warned users to continue to be on their guard, as once an exploit had been found there would be a raft of hackers looking for new ones or ways to circumvent the patch. | He also warned users to continue to be on their guard, as once an exploit had been found there would be a raft of hackers looking for new ones or ways to circumvent the patch. |
| "We've seen it in the past," he said. "When Twitter says they have fixed a flaw, we see a new exploit again and again." | "We've seen it in the past," he said. "When Twitter says they have fixed a flaw, we see a new exploit again and again." |