Twitter Attack Caused Thousands to Retweet a Single Message

Twitter attack

A Twitter attack caused thousands of people’s accounts to retweet a single message this week.

But this was apparently only if the original tweet that started the trouble was viewed through TweetDeck, a popular application used to manage Twitter accounts.

The tweet contained a code that exploited a bug in TweetDeck in turn setting off the spontaneous retweets. That code appears in the tweet below:

Don’t worry, though. The bug in TweetDeck has apparently since been fixed. So this code should no longer affect Twitter accounts, even if it is viewed through your version of TweetDeck.

Cross-Site Scripting Attack

The incident was the result of a cross-site scripting attack. The attack exploited a vulnerability allowing an outside user to inject a malicious code into the system.

The code was designed to take over, at least temporarily, active “sessions” on Twitter. The more often the coded message was retweeted, the more Twitter users were affected.

At last estimate, at least 87,000 Twitter accounts had been touched by the attack, reports Ars Technica. TweetDeck finally shut its service down to address the issue.

Within an hour, the TweetDeck team reported they had fixed the problem and returned the system to normal.

19-Year-Old Could Be Unintentionally Responsible

The Twitter attack was apparently unintentionally initiated by a 19-year-old from Austria. Using only the names Florian or Firo when chatting with CNN on Twitter, he said he had accidentally discovered the vulnerability.

But while he was trying to warn Twitter, he said others in the online hacker community noticed his communication and used the vulnerability to attack the site.

Twitter trouble image via shutterstock

More in: 5 Comments ▼

Shawn Hessinger Shawn Hessinger is the Executive Editor for Small Business Trends and a professional journalist with more than 20 years experience in traditional and digital media for trade publications and news sites. He is a member of the Society of Professional Journalists and has served as a beat reporter, columnist, editorial writer, bureau chief and managing editor for the Berks Mont Newspapers.

5 Reactions
  1. Oooh this will surely create some noise in the social media sphere. Twitter is big and Tweetdeck has a lot of users. But I am glad that it is already fixed though. But it is somewhat scary to see a pile of tweets that are all the same.

    • It’s even scarier (in my opinion) to see how easy it was to happen in the first place. It seems to be no longer a matter of ‘if’, but ‘when’ and ‘how’ and ‘how bad?’

  2. Even though Tweetdeck fixed the problem fairly quickly, it shows just how vulnerable it is. I’ve forgotten most of my coding from my web development days, but the code looks pretty simple to me for it to disrupt things (albeit temporarily).

  3. Martin Lindeskog

    Is it Hootsuite safer to use than Tweetdeck?

  4. Interesting that it was unintended Shawn lol….glad to see things seem to be OK now.