Tuesday, September 28, 2010

Second worm attack on Twitter web site in a week

New York: Micro-blogging site Twitter suffered its second worm attack in a week, but it has put a stop to the worm, which posted obscene messages to victims' tweets.

Users whose accounts got infected with the worm would see a message posted that read in part "WTF:" followed by a URL. If someone clicked on the link, his or her profile would also be hijacked. The same link would be reposted, increasing the chance that one of the user's followers would click on it and spread the worm.

Sophos, a security vendor, wrote in a blog post that the worm used a technique called cross-site request forgery (CSRF) to post to someone's account. In a CSRF attack, a web application is tricked into honouring a request from a malicious web site.

Making it more pernicious is the fact that the attack was invisible to those who clicked on the link.
"All the user sees if he or she visits the link is a blank page, but behind the scenes it has sent messages to Twitter to post from your account," the Sophos blog read.
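The CSRF mechanism described above works because the browser attaches the victim's session cookie to any request, including one triggered from a page the attacker controls. The standard defence is to require a second value, an anti-CSRF token, that only the site's own pages can obtain. The following added example (not code from Twitter, Sophos or this article) contrasts a hypothetical "post tweet" handler that trusts the cookie alone with one that also demands a session-bound HMAC token and checks the `Origin` header; the host name `twitter.example`, the secret and the request dictionaries are all constructed for the demonstration.

```python
import hashlib
import hmac

# Constructed demo secret; a real deployment loads this from a key store.
SERVER_SECRET = b"constructed-demo-secret-not-for-reuse"
SITE_ORIGIN = "https://twitter.example"  # hypothetical origin of the site itself


def make_csrf_token(session_id: str) -> str:
    """Derive a per-session anti-CSRF token as HMAC-SHA256(secret, session id).

    The server embeds this token in its own forms; a third-party page cannot
    read it, so a forged request cannot supply the right value.
    """
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def handle_post_unprotected(request: dict) -> dict:
    """Vulnerable shape: the session cookie is the only proof of intent.

    Browsers send cookies on cross-site requests too, so a form auto-submitted
    from another site is accepted exactly like a click on the real page.
    """
    session_id = request.get("cookies", {}).get("session")
    if not session_id:
        return {"status": 401, "error": "not logged in"}
    return {"status": 200, "posted": request.get("form", {}).get("status", "")}


def handle_post_protected(request: dict) -> dict:
    """Hardened shape: cookie + matching anti-CSRF token + Origin check."""
    session_id = request.get("cookies", {}).get("session")
    if not session_id:
        return {"status": 401, "error": "not logged in"}

    expected = make_csrf_token(session_id)
    supplied = request.get("form", {}).get("csrf_token", "")
    # Constant-time comparison so token bytes do not leak through timing.
    if not hmac.compare_digest(expected, supplied):
        return {"status": 403, "error": "missing or invalid CSRF token"}

    # Belt-and-braces: a cross-site form post carries the other site's Origin.
    origin = request.get("headers", {}).get("Origin")
    if origin is not None and origin != SITE_ORIGIN:
        return {"status": 403, "error": "cross-origin request rejected"}

    return {"status": 200, "posted": request["form"].get("status", "")}


def build_requests(session_id: str) -> dict:
    """Construct sample requests: one from the site's own form, one forged."""
    legitimate = {
        "cookies": {"session": session_id},
        "headers": {"Origin": SITE_ORIGIN},
        "form": {"status": "hello from the real form",
                 "csrf_token": make_csrf_token(session_id)},
    }
    # Forged: the browser still sends the cookie, but the attacker's page
    # cannot read the victim's token, so the field is absent and Origin differs.
    forged = {
        "cookies": {"session": session_id},
        "headers": {"Origin": "https://third-party.example"},
        "form": {"status": "constructed forged status text"},
    }
    return {"legitimate": legitimate, "forged": forged}


def demo(session_id: str = "constructed-session-1") -> dict:
    """Return the HTTP status each handler gives each request."""
    reqs = build_requests(session_id)
    return {
        "unprotected": {k: handle_post_unprotected(v)["status"] for k, v in reqs.items()},
        "protected": {k: handle_post_protected(v)["status"] for k, v in reqs.items()},
    }


if __name__ == "__main__":
    print(demo())
```

The unprotected handler accepts both requests with 200, which is the behaviour the worm relied on; the protected handler still accepts the legitimate post but rejects the forged one with 403. A token must be unguessable and bound to the session (here via the HMAC); a token that is merely present in a hidden field is not enough if an attacker can predict it.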

Twitter has written on its status blog that "a malicious link is making the rounds that will post a tweet to your account when clicked on. Twitter has disabled the link, and is resolving the issue".

This was the second time in a week that Twitter was hit with an attack as the result of a flaw in the site's coding.
Last week, the site closed a cross-site scripting flaw that could allow attackers to steal data.

Some technically minded users who picked up on it wrote proof-of-concept code that combined JavaScript with the so-called onmouseover function.

The proof-of-concept launched a pop-up window, which drew attention to the problem; Twitter fixed it quickly.
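The onmouseover flaw mentioned above is an instance of attribute injection: user-supplied text was placed inside an HTML attribute without encoding, so a quote character could close the attribute and start a new one. As an added example that is not the article's or Twitter's own code, the following Python shows a hypothetical link renderer in its unencoded and encoded forms, plus a small parser-based check that reports any `on*` event-handler attribute that ends up in the rendered fragment. The sample input string is constructed for the demonstration.

```python
import html
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: a "URL" that closes the href attribute and adds a handler.
SAMPLE_INPUT = 'http://links.example/abc" onmouseover="alert(1)'


def render_unsafe(url: str) -> str:
    """Pre-fix shape: user text dropped straight into an attribute value."""
    return f'<a href="{url}">link</a>'


def render_safe(url: str) -> str:
    """Hardened shape: allow only http(s) URLs and encode for attribute context.

    html.escape with quote=True turns '"' into '&quot;', so the value can no
    longer terminate the attribute; a non-http scheme is replaced with '#'.
    """
    scheme = urlparse(url).scheme.lower()
    if scheme not in ("http", "https"):
        url = "#"
    return f'<a href="{html.escape(url, quote=True)}">link</a>'


class _HandlerFinder(HTMLParser):
    """Collect (tag, attribute) pairs whose attribute name starts with 'on'."""

    def __init__(self) -> None:
        super().__init__()
        self.handlers = []

    def handle_starttag(self, tag, attrs):
        for name, _value in attrs:
            if name.lower().startswith("on"):
                self.handlers.append((tag, name.lower()))


def event_handlers(fragment: str) -> list:
    """Parse a fragment the way a browser would and list event-handler attributes.

    A textual search for 'onmouseover=' would give a false positive on the
    encoded output, because the characters are still present there; parsing
    shows whether they became a real attribute.
    """
    parser = _HandlerFinder()
    parser.feed(fragment)
    parser.close()
    return parser.handlers


def compare(url: str = SAMPLE_INPUT) -> dict:
    """Render both ways and report which variant grew an event handler."""
    unsafe = render_unsafe(url)
    safe = render_safe(url)
    return {
        "unsafe_html": unsafe,
        "safe_html": safe,
        "unsafe_handlers": event_handlers(unsafe),
        "safe_handlers": event_handlers(safe),
    }


if __name__ == "__main__":
    for key, value in compare().items():
        print(f"{key}: {value}")
```

With the sample input, the unencoded renderer yields an anchor carrying an `onmouseover` attribute, while the encoded renderer yields an anchor with a single, harmless `href` whose value happens to contain quote characters. Encoding must match the context (attribute, text node, URL, script), which is why the safe renderer both validates the scheme and escapes quotes rather than doing only one of the two.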
