Aussie student triggered Twitter worm - PC Retail

Aussie student triggered Twitter worm

17-year-old discovers flaw that infected thousands of users
Author:
Publish date:
14_twitter184.jpg

An Australian high school student unwittingly unleashed chaos among thousands of Twitter users by revealing the 'mouse over' exploit.

The Sydney Morning Herald reports that Melbourne student Pearce Delphin had been tinkering with Javascript which opened alert boxes saying "uh oh" when a user hovered a mouse over the 'infected' tweet on the Twitter website.

What started out as a curiosity was quickly retweeted until more mischievous individuals modified the code to retweet itself, thereby turning a cross scripting vulnerability into a replicating worm which quickly spread around the world.

The cross site scripting flaw had initially been discovered by another Twitter user who used it to change the colour of tweets. Pearce was apparently first to "report the Javascript vulnerability" which allowed pop-up text boxes.

Pearse pointed to another user who was first to create a self-replicating retweet worm "by accident" he said, while Twitter users in New Zealand went on to craft "malevolent" worms.

"Not wanting to get my account banned, since I've been a Twitter user since 2006, I was very careful to the kind of script I posted," said Pearce, going on to say that other users that posted self-replicating versions of the exploit had their accounts suspended by Twitter.

Related