Tuesday, September 21, 2010

Twitter... attacked. What to do? Here it is....

RT @TheodoreArt: @KeirSimmonsITV #twitter has been hacked. 

If you see a black block of text, do NOT hover your mouse over it.


Twitter Security Flaw – HOW TO FIX

by Allen Stern - September 21st, 2010

There is a nasty attack going on the Twitter website currently. I was hit with it along with what appears to be at least thousands of other users. Mike Butcher at TechCrunch UK suggests that the security flaw is only hitting Twitter.com and not the third-party clients. After I was hit, I tried using Seesmic Web and it wouldn’t load, so I am guessing if you want to switch, you must follow the instructions below first, as my guess is the javascript onmouseover code is somehow killing the API…
It does appear if you have the New Twitter interface (which is like 100 tech bloggers and Twitter friends), you are safe.
If you have been hit with the security bug/flaw – here’s how to fix it quickly and easily:
  1. Go to Twitter’s mobile site and login
  2. Go to your user page
  3. Delete the bad virus tweets
  4. It may take a minute for your Twitter account to appear clean
After you have cleaned the bad tweets, make sure not to mouse over any links in the Twitter.com interface. And just to be safe, change your password.
Apparently the third-party client tools for accessing Twitter are not affected by this bug – so if you need to Tweet that pic of your dog, that you just ate a ham sandwich or that you have just completed a check-in at the Borders, check out Tweetdeck, Brizzly or Seesmic.
Update: Brad at Next Web was able to get some additional information on how the hack works.
Leave a comment if your Twitter account was hit with this hot mess.

Updates at bottom of post
There is apparently a security flaw in the Twitter code that is allowing users to have third-party websites open in your browser, and all you have to do is mouse over a link for it to happen.
The flaw, as reported by Internet security company Sophos, appears to be somewhat innocuous for now but holds some pretty nasty potential as it could allow Twitter users to be redirected to other sites that contain less-than-honorable code.
While that threat certainly appears, another one has reared its ugly head as well. The newest variation of the code attempts, on mouseover, to have you continue to spread it via your Twitter status update.
The code, which could also be used to display multi-colored “rainbow tweets” or even a blank page, produces an effect like this:
We’ve contacted Twitter, as well as a security expert and we’re waiting for any further information. For now, it is worth noting that you should avoid clicking or mousing over any link that has the “onmouseover” command, or any link that is disguised by colors.
Of course, it is also advisable that you use a third-party Twitter client such as TweetDeck or Seesmic in the meantime. The clients are not susceptible to the “onmouseover” events, and should prove to be a safe solution. If you happen to be one of the lucky New Twitter users, you should also be safe (thanks @). Another workaround is to head to the mobile version of the Twitter site at http://mobile.twitter.com as the links do not appear to be functional via that version.
Our thanks to Sam at TwitterCounter for the images and additional information.
Update: According to some users, the latest chunk of code not only attempts to hijack your stream, but also apparently is hijacking the account as a whole, even if you haven’t moused over a link. One user has noted the following:
We’ve also gotten a better explanation of how the attack is happening, again via Sam from TwitterCounter:
It seems to stem from the short url http://t.co/@. Whenever a URL is included in the tweet, Twitter renders the HTML for it (e.g. http://thenextweb.com would render as <a href="http://thenextweb.com">http://thenextweb.com</a>). What this hack does is abuse this rendering by closing the href attribute early, so http://t.co/@"onmouseover="etc"/ would render as <a href="http://t.co/@" onmouseover="etc">http://t.co/@"onmouseover="etc"/</a>. That first double quote in the malicious URL closes the href attribute and allows for javascript events to be included afterwards.
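To make the rendering bug above concrete, here is an added example in Python (not code from this post, from Twitter or from TwitterCounter): a toy URL auto-linker that drops the URL straight into the href attribute, the same linker with HTML attribute escaping and an http(s)-only scheme check, and a check that uses Python's html.parser to list which attributes a parser actually sees on the rendered tag. The crafted URL is the one quoted above, with "etc" standing in for the handler body; that Twitter's renderer built the tag by plain string concatenation is an assumption taken from the explanation, not knowledge of its code.

```python
"""Added example, not code from the post or from Twitter/TwitterCounter:
a toy URL auto-linker showing how an unescaped href lets a crafted URL
terminate the attribute and smuggle in an event-handler attribute, the
escaped version of the same linker, and a parser-based check.
Assumption: the real renderer built the tag by string concatenation, as
the quoted explanation describes; its actual code is not known here."""
import html
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed inputs: the benign URL and the crafted URL quoted in the post
# ("etc" stands in for the handler body, exactly as written there).
BENIGN_URL = "http://thenextweb.com"
CRAFTED_URL = 'http://t.co/@"onmouseover="etc"/'

ALLOWED_SCHEMES = {"http", "https"}


def render_link_vulnerable(url: str) -> str:
    """Naive auto-linker: drops the raw URL straight into the href attribute.
    A double quote inside the URL ends the attribute early."""
    return '<a href="' + url + '">' + url + '</a>'


def render_link_safe(url: str) -> str:
    """Hardened auto-linker: escapes &, <, >, " and ' so the URL can neither
    end the href attribute nor open a new tag, and only links http(s) URLs
    (anything else is shown as escaped plain text, without an anchor)."""
    escaped = html.escape(url, quote=True)
    if urlsplit(url).scheme.lower() not in ALLOWED_SCHEMES:
        return escaped
    return '<a href="' + escaped + '">' + escaped + '</a>'


class _AttrCollector(HTMLParser):
    """Records every attribute name the parser sees, in document order."""

    def __init__(self) -> None:
        super().__init__()
        self.names: list[str] = []

    def handle_starttag(self, tag, attrs):
        self.names.extend(name for name, _value in attrs)


def attribute_names(rendered_html: str) -> list[str]:
    """Which attributes does an HTML parser actually see on the markup?
    This is the browser's view, which is what matters for the bug."""
    collector = _AttrCollector()
    collector.feed(rendered_html)
    collector.close()
    return collector.names


def has_injected_event_handler(rendered_html: str) -> bool:
    """True if any element carries an inline on* event-handler attribute."""
    return any(name.startswith("on") for name in attribute_names(rendered_html))


if __name__ == "__main__":
    for url in (BENIGN_URL, CRAFTED_URL):
        for label, render in (("vulnerable", render_link_vulnerable),
                              ("hardened", render_link_safe)):
            markup = render(url)
            print(f"{label:10s} {markup}")
            print(f"{'':10s} attributes seen: {attribute_names(markup)}")
```

Running it shows the parser reporting an `onmouseover` attribute on the vulnerable rendering of the crafted URL and only `href` on the escaped one: escaping the attribute value is the fix, and checking attribute names as a parser sees them is a cheap way to test a renderer for this class of bug.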
