OnMouseOver XSS Vulnerability on Twitter

This morning we observed a Cross Site Scripting (XSS) attack taking place on Twitter.  This particular vulnerability took advantage of the onmouseover function in JavaScript, which works by executing JavaScript code by simply moving your mouse over some text.

The following status updates were observed, causing unsuspecting user feeds to fill up with images of rainbows:

Mouseover Vulnerabilty on Twitter

Mouseover Vulnerabilty on Twitter

After hovering over the mouseover code:

Tweet after Mouseover Vulnerability

Tweet after Mouseover Vulnerability

Here are some of our observations on this attack:

  • The malicious string can be automatically sent to followers, continuing the distribution of the tweet in a worm like fashion.
  • Strange messages appear with giant letters, dialog boxes reading “Hello”, blacked out tweets, etc.
  • Anyone visiting their profile may be redirected to another web address.

This particular attack could have been nasty in the hands of skilled cyber criminals, but fortunately the Twitter staff have already patched the site against this and future attacks like it.

Twitter Status Update

Twitter Status Update

Related News

2 Responses

Leave a Reply
  1. melina
    Sep 27, 2010 - 09:17 AM

    Hi, just a suggestion: it would be great to have a search box in this blog.



  1. Rainbow-Wurm attackiert Twitter | PandaNews

Leave a Reply

Your email address will not be published. Required fields are marked *