Japanese Twitter hacker tried to help

2010-09-23 22:15

Tokyo - This week's Twitter attack that caused a widespread headache for the micro-blogging service appears to have been triggered by a Japanese computer hacker who says he was only trying to help.

The attack, which emerged and was shut down within hours on Tuesday morning, involved a "cross-site scripting" flaw that allowed users to run JavaScript programs on other computers.

The originator is believed to be someone who uses the name "Masato Kinugawa" in cyberspace and acknowledges creating the Twitter account "RainbowTwtr" that demonstrated the vulnerability.

Through his Twitter account and personal blog, Kinugawa regularly tracks down possible computer security loopholes and notifies companies of their existence.

Earlier this year, he pointed out several scripting problems to Japanese internet company Livedoor, which thanked him with a $177 gift certificate.

'RainbowTwtr'

Kinugawa says he contacted Twitter about the weakness on August 14 - but in vain.

"Twitter had not fixed this critical issue long after it had been notified," Kinugawa tweeted.

"Twitter left this vulnerability exposed, and its recognition of this problem was low. Rather than have someone maliciously abuse this under the radar, I decided it would be better to urgently expose this as a serious problem and have it be addressed."

The account, which displayed messages in colours of the rainbow, spurred others like Australian teenager Pearce Delphin of Melbourne to spread the word about the vulnerability. "RainbowTwtr" has since been suspended.

In an email to The Associated Press on Thursday, Delphin said he analysed the code within the "rainbow tweets" and realised it could be tweaked to make a pop-up window appear just by moving a cursor over a message.

Other users quickly picked up on Delphin's discovery and made their own changes, infecting unsuspecting accounts around the world.

'Exploited the issue'

San Francisco-based Twitter said it does not believe that any user information was compromised and that the "vast majority" of the breaches were pranks or promotions.

The company said the attack began when a user, whom it did not identify, noticed a security hole and "took advantage of it".

"First, someone created an account that exploited the issue by turning tweets different colours and causing a pop-up box with text to appear when someone hovered over the link in the tweet," the company said.

The White House's official Twitter feed - followed by 1.8 million users - was among those affected, though the offending message was quickly taken down.

Security breaches were common in Twitter's early days, but the company has since worked to beef up its vigilance and the problems have become less common.

Tuesday's hack coincided with Twitter's ongoing rollout of a redesign of its website, which tries to streamline users' Twitter feeds and make it easier to see photos and videos directly on the site, without having to click on a link to YouTube or Flickr.

Twitter said it discovered and fixed this problem last month, and that a recent site update unrelated to the redesign was responsible for its return.

- AP
Read more on:    twitter  |  japan  |  social networks  |  cybercrime
NEXT ON NEWS24X
SHARE:

Read News24’s Comments Policy

 

Inside News24

 
/Africa
 

Device lets disabled people talk through their nose

A device that converts nose breaths into speech will open new doors for people with Parkinson’s or motor neuron disease.

 
 

For chic geeks...

It’s THIS easy for someone to steal your ATM pin!
This is why you should install iOS 8
17 photo illusions that look so real
Check out the speed of this robo-cheetah!

Jobs in Cape Town [change area]

Property [change area]

Travel - Look, Book, Go!

Magical Massinga

Spend 5 nights at the gorgeous Massinga Beach Lodge in Mozambique and only pay for 4 from R13 220 per person sharing. Includes return flights, accommodation, transfers and romantic turndown. Book now!

Kalahari.com - shop online today

Pre-order your iPhone 6 at kalahari.com

Hurry and pre-order your own iPhone 6 now at SA’s favourite online store!

Bargain box – 60% off

Reduced prices, very limited stock. While stocks last. Hurry and shop now!

Mind blow low prices on electronics

Get either the Prestigio multiphone or Proline tablet 7” tablet for only R699. Offers valid while stocks last. Shop now!

30% off Barbie toys

Save 30% on all Barbie toys and accessories. Offer valid while stocks last. Shop now!

Baby extravanganza month at kalahari.com

Celebrate baby month with a wide range of awesome baby products. Offers valid while stocks last. Shop now.

OLX Free Classifieds [change area]

Samsung Galaxy s4

Mobile, Cell Phones in South Africa, Western Cape, Cape Town. Date October 24

Best bargain in big bay

Real Estate, Houses - Apartments for Sale in South Africa, Western Cape, Cape Town. Date October 25

VW Golf 6, 1.6 Trendline (Excellent condition)

Vehicles, Cars in South Africa, Western Cape, Cape Town. Date October 25

Horoscopes
Aquarius
Aquarius

You may take extra pride in your work today. You have a need to shine and be respected so you may put the extra effort and TLC...read more

There are new stories on the homepage. Click here to see them.
 
English
Afrikaans
isiZulu

Hello 

Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.


Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Settings

Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.








Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.