- Small Business Trends - http://smallbiztrends.com -
Twitter Attack Caused Thousands to Retweet a Single Message
Posted By Shawn Hessinger On June 12, 2014 @ 7:33 pm In Social Media | 5 Comments
A Twitter attack caused thousands of people’s accounts to retweet a single message this week.
But this was apparently only if the original tweet that started the trouble was viewed through TweetDeck, a popular application used to manage Twitter accounts.
The tweet contained a code that exploited a bug in TweetDeck in turn setting off the spontaneous retweets. That code appears in the tweet below:
<script class=”xss”>$(‘.xss’).parents().eq(1).find(‘a’).eq(1).click();$(‘[data-action=retweet]‘).click();alert(‘XSS in Tweetdeck’)</script>?
— *andy (@derGeruhn) June 11, 2014 
Don’t worry, though. The bug in TweetDeck has apparently since been fixed. So this code should no longer affect Twitter accounts, even if it is viewed through your version of TweetDeck.
The incident was the result of a cross-site scripting attack. The attack exploited a vulnerability allowing an outside user to inject a malicious code into the system.
The code was designed to take over, at least temporarily, active “sessions” on Twitter. The more often the coded message was retweeted, the more Twitter users were affected.
At last estimate, at least 87,000 Twitter accounts had been touched by the attack, reports  Ars Technica. TweetDeck finally shut its service down to address the issue.
We’ve temporarily taken TweetDeck services down to assess today’s earlier security issue. We’ll update when services are back up. — TweetDeck (@TweetDeck) June 11, 2014 
Within an hour, the TweetDeck team reported they had fixed the problem and returned the system to normal.
The Twitter attack was apparently unintentionally initiated by a 19-year-old from Austria. Using only the names Florian or Firo when chatting  with CNN on Twitter, he said he had accidentally discovered the vulnerability.
But while he was trying to warn Twitter, he said others in the online hacker community noticed his communication and used the vulnerability to attack the site.
Twitter trouble  image via shutterstock
Article printed from Small Business Trends: http://smallbiztrends.com
URL to article: http://smallbiztrends.com/2014/06/twitter-attack-caused-thousands-accounts-retweet-single-message.html
URLs in this post:
 June 11, 2014: https://twitter.com/derGeruhn/statuses/476764918763749376
 reports: http://arstechnica.com/security/2014/06/powerful-worm-on-twitter-unleashes-torrent-of-out-of-control-tweets/
 June 11, 2014: https://twitter.com/TweetDeck/statuses/476770732987252736
 chatting: http://money.cnn.com/2014/06/11/technology/security/tweetdeck-hacked/
 Twitter trouble: http://www.shutterstock.com/pic-154181867/stock-photo-brussels-september-twitter-is-going-public-on-september-in-brussels.html?src=7ZU9TeyLhUk70wwyJFcuJg-1-2