Twitter Clickjacking Hack Potential Revealed

Twitterjacking? Tweethacking? Too early for a clever name yet, but a proof of concept for a clickjacking hack aimed at Twitter's "What Are You Doing" update has been released. The hacks themselves may not be far behind.

Keith Ferrell, Contributor

February 4, 2009


The clickjacking strategy for taking over Twitter users' update boxes -- inserting essentially invisible links to malicious sites into browsers and over browser buttons -- was unveiled in a proof-of-concept blog posting.

So far no instances of this approach being used in the wild have been reported in the two weeks or so since the concept was made public.

Leaving aside the question of the appropriateness of making such hacks public, and the so-far benign results of this particular hack -- the hacker would be able to post updates on the user's Twitter homepage -- the point here is that we have another Twitter vulnerability a month or so after some higher-profile Twitter hacks.

And the problem potentially is far from benign. Think what a simple "We're Going Out of Business" or "Our Products Have Been Recalled" tweet to all of your followers would do for your business.

One more reminder to have your employees on as much guard when social networking as when doing anything else on the Web.

And as far as a name for the exploit goes, should it ever show up in the wild?

How's this:

Twicking!
