Javascript Web Exploit Attacks Huge Numbers of High-Profile Twitter Users

Summary:A JavaScript web compromise has apparently affected a large amount of Twitter users.

On Sunday afternoon, a large number of Twitter accounts were compromised by users who inadvertently were lured into viewing the following URL,

which contains the following Javascript code:

var el1 = document.createElement('iframe'); var el2 = document.createElement('iframe');"hidden";"hidden"; el1.src = "" + window.location; el2.src = ""; document.getElementsByTagName("body")[0].appendChild(el1); document.getElementsByTagName("body")[0].appendChild(el2);

Some of the most prominent Twitter posters with very large follower lists, such as @zee, web cartoonist @oatmeal and Tech Blogger Robert Scoble, @scobleizer have been affected, along with hundreds of thousands of their followers which also clicked on the malicious links.

The script, which causes a Twitter post to appear that directs browsers to execute the Javascript source code, and then posts an embarrassingly obscene message about goats (you can see it in the code snippet above) appears to affect only certain Windows-based browsers, as I was able to view and execute the source of the page safely using Chrome on Linux and my own Twitter account was not compromised.

I haven't been able to determine if any Mac or iOS or Android users have been compromised by this exploit yet, so please provide me with an update if you use Safari or another Mac browser or alternative OS and you've been hit.

UPDATE: At 1:49PM, EDT on Sunday, Twitter, on its status blog has notified users that the compromise has been blocked on the new and old versions of the Twitter Web UI and they are removing all the Tweets which have been sent with the cross-site compromise link and the offensive message.

Topics: Security, Enterprise Software, Social Enterprise


Jason Perlow, Sr. Technology Editor at ZDNet is a technologist with over two decades of experience with integrating large heterogeneous multi-vendor computing environments in Fortune 500 companies. Jason is currently a Partner Technology Strategist with Microsoft Corp. His expressed views do not necessarily represent those of his employer... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.