Update 2: The Twitter emergency is over! Del Harvey, lead at Twitter’s Trust and Safety team has given the homepage the all clear: “The XSS attack should now be fully patched and no longer exploitable. Thanks, those reporting it.”

Update: Twitter has released a statement (via its @safety Twitter account). It says: “We’ve identified and are patching a XSS attack; as always, please message @safety if you have info regarding such an exploit.” Original story follows…

The Twitter homepage has been taken over by gigantic letters, blacked out tweets and malevolent rainbow messages. An exploit that allows tweets to use the ‘onMouseOver” JavaScript command is behind the problem. If you visit Twitter.com and haven’t got new Twitter yet, moving your mouse over those tweets automatically reposts messages or redirects you to other websites. Read on for details on how to keep safe during this minor Twitter apocalypse…

To avoid the Twitter homepage hack, stick to third party Twitter apps like Tweetdeck or Twitter for iPhone. If you’ve visited Twitter.com, delete any tweets that have been sent out without your permission and don’t visit again. Plenty of high-profile Twitter users have been caught out including Gordon Brown’s wife Sarah Brown who found a link to a Japanese porn site had been posted in her feed.

Check Out Our Most Recommended

Over on his blog, Sopho’s security expert Graham Cluley explains: “It looks like many users are currently using the flaw for fun and games but there is obviously the potential for cybercriminals to redirect users to third-party websites containing malicious code or for spam advertising pop-ups to be displayed.”

Twitter has yet to respond to the attack on the Twitter Status Blog. If you haven’t got a third party app installed on your machine, head for a web client like Brizzly or Streamie or use mobile.twitter.com which is free from the JavaScipt issues.

Typically, British Twitter users are responding to the Twitter hack with healthy doses of black humour with plenty of zombie quips and awesome pictures like Stuart Houghton’s take on the classic Keep Calm And Carry On poster which we’ve used above.

We’ll keep you posted on any developments as they come in. Head for high ground and remember, shoot any zombie tweets in the head. In the head!

Out now | £free | Twitter

Be Sociable, Share!
  • bensillis

    Bit rubbish as fun and games go isn't it? I'd rather play Minesweeper, or go make some tea.

  1. Love Me! The attention seeking machine
  2. London’s Solar Tree: Technology inspired by nature
  3. The fellowship of discovery: Inside the Royal Society

Hot chat, right here!


Our most commented stories right now...