Clearly I missed out on all the fun.


Apparently, there was another exploit on Twitter today?  #dontclick

Those exploited would end up tweeting the following message:

Don’t Click: http://tinyurl.com/amgzs6

So, it was a Twitter worm by way of clickjacking.  Though I missed out on the fun, I learned a new security term:  CSRF (Cross-site request forgery).  I tell you, security geeks get to see all kinds of cool stuff.

Code analysis:  Twitter Don’t Click Exploit

Twitter’s response:  Twitter Blog: Clickjacking Blocked.


