TweetDeck has been compromised by a cross-site scripting (XSS) vulnerability, causing some users to retweet a mysterious line of code.
At first, TweetDeck said the vulnerability had been fixed, but users later reported continuing attacks, such as the code retweets, and the service was taken offline. It has since returned.
"We've temporarily taken TweetDeck services down to assess today's earlier security issue," the company said. "We'll update when services are back up."
Later it added: "We've verified our security fix and have turned TweetDeck services back on for all users."
Security company Rapid7 praised TweetDeck's approach to the attack and the guidance it issued. TweetDeck instructed users to log out and log back in again, which offers damage control against a common XSS attack.
"The guidance from TweetDeck is simple and correct: log out, and log back in," Rapid7's Trey Ford said. "One of the most common and useful XSS attacks is used to steal the user's session, effectively enabling an attacker to log in as you.
"This worm hearkens back to the MySpace 'Samy Worm' in 2006, except for one key step: this worm does not appear to have the ability to force your account to follow the attacker," Ford said.
This is not the first time Twitter has been subject to an XSS attack, as we have previously reported.