The business and culture of our digital lives,
from the L.A. Times

Twitter security flaw hits thousands of users [Updated]

Have something you have to tweet this morning? You might want to stay away from

Thousands of Twitter users are dealing with what seems to be a security flaw that is causing messages and third-party websites to pop up on the page when users “mouse over” posted links on the popular messaging site. The outside content appears even if users don’t click on the links. 

[Updated at 7:21 a.m.: Twitter said it had identified and patched the flaw and was urging users to message @safety in the future with information about problems. "We expect the patch to be fully rolled out shortly and will update again when it is," the company posted on its status blog.]

Third-party applications such as Tweet Deck and Tweetie appear to be unaffected. Users can delete problematic posts with those applications.

Graham Cluley, a researcher at security firm Sophos, wrote on his blog that the more than 1 million Twitter followers of Sarah Brown, wife of former British Minister Gordon Brown, had already encountered the glitch. Her Twitter page has redirected visitors to a hard-core porn site based in Japan.

Hackers could likely take advantage of the bug, directing users to "third-party websites containing malicious code, or for spam advertising pop-ups to be displayed," Cluley wrote. But he wasn’t sure whether the flaw would harm computers, saying that "it looks like many users are currently using the flaw for fun and games."

-- Tiffany Hsu

Comments  ()


Recommended on Facebook


In Case You Missed It...


How to Reach Us

To pass on technology-related story tips, ideas and press releases, contact our reporters listed below.

To reach us by phone, call (213) 237-7163


Andrea Chang
Armand Emamdjomeh
Jessica Guynn
Jon Healey
W.J. Hennigan
Tiffany Hsu
Deborah Netburn
Nathan Olivarez-Giles
Alex Pham
David Sarno