A serious glitch that led to a series of tight - spreading worm on Twitter ’s site Tuesday had been doctor in August but was incidentally re - introduce .
The glitch have mayhem until Twitter get it under ascendency afterwards on Tuesday morning . One of the worm sent out a blacked - out Twitter message to all the victim ’s followers . Another distributed Nipponese pornography .
The worms were particularly virulent because victim did n’t need to snap on a connectedness to spread out them to their following . All they had to do was vacillate over a specially write link send out in a Twitter message . That was enough to action the malicious computer code .
“ plausibly one C of thousands of people were bear on , ” said Beth Jones , a fourth-year scourge research worker withSophos , which was other to cover the issue . The causal agency : a basic Web programming wrongdoing that allowed Twitter users to add JavaScript to their tweet .
It turn out that the whole mess could easily have been avoided . Indeed , it should have been .
“ We discovered and patched this result last calendar month , ” Twitter said in a blog post Tuesday . “ However , a recent site update ( unrelated to unexampled Twitter ) unknowingly resurfaced it . ”
The bug had apparently been public knowledge since Aug. 23,when it was piece in the open - germ school text processing library used by Twitter .
That was bad news for Sarah Brown , the wife of former British Prime Minister Gordon Brown , whoinadvertently diffuse the pornographic rendering of the louse to her 1.2 million followers .
White House Press Secretary Robert Gibbs was also pip . “ My Twitter went haywire — absolutely no clue why it charge that content or even what it is , ” hewrote in a Twitter message . “ [ P]aging the tech guys … ”
This is n’t the first time Twitter has been wormed . Last year,17 - year - onetime Michael Mooney unleased a series of insect on the societal medium site .
This time around , it was a Nipponese hacker named Masato Kinugawawho discovered the issue , harmonise to a news report in the Guardian . Kinugawa had been sending Twitter message about the proceeds for several days , but on Tuesday he decide to prove it out with some worm code .
He produce the insect that sent redacted school text subject matter .
That first dirt ball was soon copied by many others .
“ The vast majority of feat related to this incident decrease under the joke or promotional categories , ” Twitter said in its web log place . “ exploiter may still see strange retweets in their timelines due to the exploit . However , we are not aware of any yield concern to it that would cause harm to data processor or their accounts . And , there is no need to shift passwords because user write up information was not compromise through this exploit . ”
Computerworld ’s Gregg Keizer conduce to this report .
