Twitter Flaw Compels Victims to Follow Hacker’s Account
Techcrunch, a weblog focusing on reviewing and profiling of Internet items, reported on July 28, 2008 that a Twitter account named johng77536 existing for hardly two days had become part of a list of the 100 most prevalent Twitter accounts.
According to Aviv Raff, Researcher of Browser Flaws, vulnerability in Twitter could lead users to Websites that host malware. Raff said that the bug could compel users to follow the hacker's account, implying that all of the hacker's twits would be displayed on their Twitter home page along with potentially malevolent links, as reported by ITWorld on July 31, 2008.
Moreover, it is a proof-of-concept attack code that exploits a 'cross-site request forgery' (CSRF) flaw to trick a user into following his Twitter account by just opening a rig...
» SPAMfighter News - 14-08-2008