terça-feira, 21 de setembro de 2010

'Mouse over' security flaw causes Twitter trouble


(CNN) -- Thousands of Twitter users have been hit by an apparent security flaw that can cause pornographic content to appear on the site unintentionally, according to a researcher at the security firm Sophos.
When users of the popular site "mouse over" a link on the site, the content appears even if they have not clicked on it, says Graham Cluley, the researcher.
Writing on this blog, Cluley says that Sarah Brown, wife of the former British Prime Minister Gordon Brown, was among those affected by the security hole.
"It appears that in Sarah Brown's case her Twitter page has been messed with in an attempt to redirect visitors to a hardcore porn site based in Japan. That's obviously bad news for her followers -- over one million of them," Cluley writes.
Brown posted this follow-up tweet on Tuesday morning:
"don't touch the earlier tweet - this twitter feed has something very odd going on ! Sarah".
White House press secretary Robert Gibbs also tweeted about the situation:
"My Twitter went haywire - absolutely no clue why it sent that message or even what it is...paging the tech guys..." Gibbs wrote on his Twitter feed.
Cluley said the flaw may or may not cause harm to computers, but it could be exploited by hackers.
"It looks like many users are currently using the flaw for fun and games, but there is obviously the potential for cybercriminals to redirect users to third-party websites containing malicious code, or for spam advertising pop-ups to be displayed," he writes on the blog.
It is unclear if the flaw is the result of a recent update to Twitter.com, which allows outside websites to pop up from the site without users clicking on them.
CNN