Porn News

Twitter Hack Activates Pop-Ups, Sends Some to Porn Sites

from www.foxnews.com – Hackers exploited a security flaw on the popular micro-blogging site Twitter, retweeting malicious code, activating pop-ups, and even exposing users to an unwanted sight: hard-core pornography.

As of 9:50 a.m. EST, a post to Twitter’s status blog said that the security flaw had been fixed, simply stating “The exploit is fully patched.” This confirms what a spokesperson for the company told popular tech news site Mashable ten minutes later: “It should now be fully patched and is no longer exploitable.”

Twitter is once again safe to visit.

According to security analysis firm Sophos, simply running your mouse over certain tweets could activate pop-ups, send you messages, or even redirect you to another site. And a number of Twitter accounts were redirecting users to hardcore pornography sites — including the feed of Sarah Brown, wife of former British Prime Minister Gordon Brown. And plenty of those malicious messages had been posted, said security company Sophos.

“It’s tens of thousands if not hundreds of thousands of messages that have been posted,” Sophos senior technology consultant Graham Cluley told FoxNews.com. The hack utilized the onMouseOver JavaScript code to run automatically when a user visits the Twitter.com site, tweeting itself out to other users and redirecting users to malicious sites, sometimes hardcore pornography sites.

Twitter representatives were not immediately available for comment, but the company’s safety account did mention that the problem had been fixed, at 10 a.m. EST. “The XSS attack should now be fully patched and no longer exploitable. Thanks, those reporting it,” the company wrote in its Safety news feed.

The attack was broad, affecting tens or hundreds of thousands — and should never have existed in the first place, Cluley noted.

“It’s pretty widespread and has left some major egg on the face of Twitter,” Cluley told FoxNews.com. He explained that there was no reason for code like this to run at all, much less act in such a malicious fashion — a security flaw the company ought to have flagged itself, he said.

“It shouldn’t be possible to plant JavaScript code like this into your tweets,” he said.

And the porn may not be the worst part, warned Sophos’s Cluley. “It looks like many users are currently using the flaw for fun and games, but there is obviously the potential for cybercriminals to redirect users to third-party websites containing malicious code,” Cluley pointed out.

Many current security risks are two-part procedures, he said: First they take over a browser and redirect the PC to a compromised website, then they load up additional code to continue the exploit. There were also less dangerous uses for the flaw, of course.

“Some users are also seemingly deliberately exploiting the loophole to create tweets that contain blocks of color (known as ‘rainbow tweets’). Because these messages can hide their true content they might prove too hard for some users to resist clicking on them,” Clulely said.

Cluley advised people to stay away from Twitter.com, before the patch arrived, since third-party applications that access Twitter such as the popular TweetDeck were immune to the JavaScript flaw.

219 Views

Related Posts

Ellie Nova Guests on ‘And Now We Drink’ Podcast

Oct 11, 2024 3:52 PM PDTLOS ANGELES — Ellie Nova is the latest guest on the “And Now We Drink” podcast, hosted by Matt Slayer. During the episode, Nova discusses humorous moments of her life and adventures she's been on, among other topics. "I’ve always…

Seka Black Drops New Clip

Oct 11, 2024 3:50 PM PDTLOS ANGELES — Seka Black has dropped a new clip to her Adult Empire store.  “These gentlemen cared for me from start to finish, and what a climax they completed,” said Black. “Get ready for…

TadpoleXStudio Drops New Title

Oct 11, 2024 3:47 PM PDTLOS ANGELES — Madison Wilde, Marina Gold, Serena Hill and Sophia Sterling star in a new release from TadpoleXStudio. Wilde, Gold, Hill and Sterling "show off their special sex skills as they share their perfect…

BasisDx Partners With Kasbh Inc. Lifestyle Events for STI Tests

Testing laboratory BasisDX, the manufacturers of PASS-certified, at-home Pro 13 BasisDx STI test kits, has partnered with Nebraska-based lifestyle organization Kasbh Inc. and its owners Ms. Amanda and Dirty Santa, to bring safer sex protocols to the organization’s private events,…

Dan Dangler Named Bang! Babe for October

Adult star Dan Dangler on Friday was named Bang!’s B! Babe of the Month for October.

Leave a Reply

Your email address will not be published.