Secure Science researchers found vulnerability of Twitter Microblogging site. Hackers can attack user accounts as well as make your computer a compromising position with the help of the cross scripting code(XSS). 750 Twitter accounts were hacked last week to send Tweet spam.
“The vulnerability is still active,” said Wastl, a researcher. “Basically, we produce a link and if a Twitter user clicks on it, it allows us to hijack their accounts.”
XSS vulnerabilities allow attackers to inject malicious code into Web pages, including HTML and client-side scripts. It can make access control inactive, get the information from user machine and carry out Phishing attack. If your computer is vulnerable to other other area, Twitter flaw will be used to launch additional malicious code and the vulnerability can stretch beyond web page. If you use third party twitter application, they may not be subjected to security check up and that aggravates the risk further.
As per James, another researcher, Twitter encourages unsafe security practices, like the use of URL redirection and presenting links in a way that builds trust which may not be true in reality.
Filed under Twitter | Tags: Hack, Microblog, Phish, Spam, Twitter, XSS | Comment Below