terça-feira, 21 de setembro de 2010

Twitter worm pumps out spam links


A flaw in the website of micro-blogging service Twitter is being used to pump out pop-up messages and links to porn sites.
Initially, users only had to move their mouse over the link - not click it - to open it in the browser.
Thousands of Twitter accounts have so far posted messages exploiting the flaw including Sarah Brown, the wife of former Prime Minister Gordon Brown.
Twitter said it was aware of the problem and would issue a patch soon.
The flaw which caused pages to open automatically appears to have been fixed.
This command - written in a programming language called Javascript - automatically directed users to another website, some of which contain pornography. Whilst the links are still there, users must now actively click on them.
The malicious links look like a random URL and contain the code "onmouseover".
"There is no legitimate reason to tweet Javascript," Graham Cluley, a researcher at security firm Sophos, told BBC News.
The code is being spread by worms, self-replicating and malicious piece of code.
BBC News