Caution: Twitter Mousover Security Flaw

Disclosure: We are a professional review site that receives compensation from the companies whose products we review. We test each product thoroughly and give high marks to only the very best. We are independently owned and the opinions expressed here are our own.

0 Flares Filament.io 0 Flares ×

poolbird Earlier today  Sophos website released a warning about Twitter mouseover and how some users are exploiting a new security flaw using mouseovers. This exploit causes popups and thirdparty websites to popup in your browser by just moving your mouse over the link. Right now most users are using the exploit to create a rainbow effect in their tweets. Because of this "loophole" some users may use it to hide the true content. Below is an example what some are doing with the flaw.

Twitter Mouseover Security Flaw

Potential Threats

As a tech support professional this is a big deal to me. Before getting into web design, I use to be technical support research analyist and before that I did a lot of PC repairs that including repair PCs that were infected with all sorts of junk. To me, this danger and should not be taken lightly. There are a lot of people out their that just want to hurt others. This exploit could easily go bad for Twitter and their users. There all sorts of things you could do with exploit that could cause havoc to a Twitter user’s machine. So be careful when using Twitter’s website to read Tweet stuff. If weird things happens close the popups and get off Twitter’s page right away. If those popups ask you something such as "click here" or asks you to download something, DO NOT DO THAT! Just close the popup by using the x button that you normally would use to close a window.

From the research I found, Twitter isn’t talking about it and several sites have asked for feedback from Twitter. But they haven’t gotten back to these requests, and Twitter’s blog hasn’t even made mention of this as of 8:13 AM central time on September 21, 2010. I will keep looking into this and if I find anymore or I find out this has been fixed I will let everyone know.

So in the mean time, I would stay way from using Twitter’s website and use third party apps such as Hootsuite or TweetDeck, since they do not seem to be affected by this security flaw.

For more details about the security flaw please check out Twitter ‘onmouseover’ security flaw widely exploited 

News Source: Sophos

Image Credit Sophos Screen Shot, bird in the pool

EvolutionaryDesigns.net runs on the Genesis Framework

Genesis Framework

Genesis empowers you to quickly and easily build incredible websites with WordPress. Whether you're a novice or advanced developer, Genesis provides the secure and search-engine-optimized foundation that takes WordPress to places you never thought it could go. It's that simple - start using Genesis now!


Take advantage of the 6 default layout options, comprehensive SEO settings, rock-solid security, flexible theme options, cool custom widgets, custom design hooks, and a huge selection of child themes ("skins") that make your site look the way you want it to. With automatic theme updates and world-class support included, Genesis is the smart choice for your WordPress website or blog.

About James

James spends most of his free time using social media and loves to teach others about design, web development, CSS, SEO, and social media. He is addicted to Wordpress, social media, and technology. You can reach him on his, personal website, Do not forget to follow him on Twitter @element321

Comments

  1. That was really a major security flaw on Twitter but i think its fixed now. This bug in Twitter came in front when a guy tried to put Javascript in Twitter and it worked. After that this dirty trick was picked by spammers and they drove thousand of visitors to their site within minutes.

Trackbacks

  1. Caution: Twitter Mousover Security Flaw…

    Twitter has a new security flaw. Some Twitter users are using the link mouseovers to create popups in the browsers….

  2. Story added…

    Your story was featured in Featured in MMO Social Network! Here is the link to vote it up and promote it: http://www.mmosocialnetwork.com/Twitter/Caution_Twitter_Mousover_Security_Flaw

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Flares Twitter 0 Facebook 0 Pin It Share 0 Buffer 0 Email -- Filament.io 0 Flares ×
%d bloggers like this: