COVENTRY MESSAGE BOARD

[dutchman]

The main Twitter website has been hacked via a security flaw.



Users who move their cursor over blacked-out text have been automatically Tweeting or Retweeting the same message. Some accounts have automatically posted a message in oversize text, making their page and those of their followers unreadable.

In a blog post, Graham Cluely of security firm Sophos reported that the flaw allows messages and pop-up windows from third parties to open in users' browsers. These pages potentially contain spam or malicious code.

Cluely said: "The Twitter website is being widely exploited by users who have stumbled across a flaw which allows messages to pop up and third-party websites to open in your browser just by moving your mouse over a link.

"Hopefully Twitter will shut down this loophole as soon as possible - disallowing users to post the onMouseOver JavaScript code, and protecting users whose browsing may be at risk."

He added: "Right now you might be safer using a third-party Twitter client rather than the Twitter.com website."

Cluely noted that the Twitter page belonging to Sarah Brown, the wife of former prime minister Gordon Brown, has attempted to direct her one million followers to a "hardcore porn site based in Japan".

At present Twitter client TweetDeck seems unaffected by the hack.