Tech content trusted by users in North America and around the world
6,409 Reviews & Articles | 42,711 News Posts
TRENDING NOW: NVIDIA preparing GeForce GTX 980 Ti with 6GB VRAM, faster than Titan X

TweetDeck back online after XSS attack caused users to RT mystery code

An attack on TweetDeck caused users to retweet mysterious lines of code, causing the service to be taken offline (NYSE:TWTR)

| Hacking & Security News | Posted: Jun 11, 2014 7:11 pm

Tweetdeck has been compromised by an XSS vulnerability, causing some users to retweet a mysterious line of code.




At first, Tweetdeck said the vulnerability had been fixed but users later reported continuing attacks, such as the code retweets, leading to it being taken offline. It has since returned.


"We've temporarily taken TweetDeck services down to assess today's earlier security issue," the company said. "We'll update when services are back up."

Later it added: "We've verified our security fix and have turned TweetDeck services back on for all users."


Security company Rapid7 praised TweetDeck's approach to the attack and the guidance it issued. It instructed users to log out and log back in again, which offers damage control against a common XSS attack.


"The guidance from Tweetdeck is simple and correct, log out, and log back in," Rapid7's Trey Ford said. "One of the most common and useful XSS attacks is used to steal the user's session, effectively enabling an attacker to log in as you.

"This worm hearkens back to the MySpace 'Samy Worm' in 2006, except for one key step- this worm does not appear to have the ability to force your account to follow the attacker," Ford said.


This is not the first time Twitter has been subject to an XSS attack, as we have previously reported.


Related Tags

Further Reading: Read and find more Hacking & Security news at our Hacking & Security news index page.

Do you get our news RSS feed? Get It!

Got an opinion on this news? Post a comment below!

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Or Scroll Up Or Down