Twitter hacked? Not really. Here's the scoop.
Loading...
Twitter users got a scare Tuesday morning. Upon arriving at the site, many found odd pop-ups, spam messages, and even pornography. Was Twitter hacked? Not exactly.
The problem arose from a hole in Twitter's security. Malicious links sprung up on thousands of accounts, spreading from one user to another. And, unlike with most online attacks, people could stumble into this trap by simply moving their mouse over the offending links – not just clicking on it.
So, what happened? Every time a website allows users to post text – such as comments, messages, or updates – there's the possibility that vandals will insert code instead. Companies have come to expect this and put up safeguards to ensure such code can't run amok. Twitter is no fool; its team of programmers defends the site against numerous attacks. But a recent update unwittingly exposed the site. And Tuesday morning, someone spotted that chink in the armor and lunged at it.
This backdoor, which Twitter patched up within a few hours, was not a hack, per se. Hacking involves breaking into another person's computer. Instead, this bug exploited JavaScript, one of the most popular online programming languages. "Due to an error in the way that Twitter processed messages, it was possible to include JavaScript in tweets, and that JavaScript could then do more or less anything, including sending more JavaScript-containing tweets," explains Ars Technica.
There's a silver lining to this gloomy incident: Twitter's new site design, which has been rolled out to some users, was immune to this computer bug. Third-party Twitter apps also shrugged off the problem. Only the standard interface fell victim. Perhaps this shows that Twitter's new look also comes with added protection. The company hopes to bring everyone over to the new design soon.