SecurityWeek

Vulnerabilities

Twitter Fixes TweetDeck XSS Security Vulnerability

Twitter has re-enabled the TweetDeck application after taking it down following successful exploitation of a cross-site scripting issue.

TweetDeck is a popular social media dashboard application used for managing Twitter accounts. Earlier in the day, Twitter advised TweetDeck users that it had fixed a security issue and told them to log out and log back in to fully apply an update. An hour after that, however, Twitter disabled the application, before re-enabling it an hour later.

At the center of the situation was a bug that enabled cross-site scripting attacks, researchers said.

“This vulnerability very specifically renders a tweet as code in the browser, allowing various cross site scripting (XSS) attacks to be run by simply viewing a tweet,” Trey Ford, Global Security Strategist at Rapid7, explained in a statement. “The current attack we’re seeing is a worm that self-replicates by creating malicious tweets. It looks like this primarily affects users of the TweetDeck plugin for Google Chrome.”

“This worm hearkens back to the MySpace ‘Samy Worm’ in 2006, except for one key step: this worm does not appear to have the ability to force your account to follow the attacker,” he said.

Taking a quick look at Twitter shows lots of attempts to exploit this flaw still flying around, even though Twitter has now patched the issue, noted Chester Wisniewski, senior security advisor at Sophos.

“People have suggested this was not malicious, but I disagree,” he argued. “Creating a network worm even if only being used to spread a warning message is still malicious activity no matter how you cut it.”

The vulnerability caused a stir among TweetDeck users. In a short period of time, the issue was exploited to cause tens of thousands of users to retweet a single message.

“Cross site scripting attacks aren’t new and represent just one of the many vulnerabilities application developers need to consider when building an app like Tweetdeck,” Krishna Narayanaswamy, chief scientist at Netskope, told SecurityWeek. “What’s especially dangerous here though is the nature of social media is to share — good or bad, it’s designed to spread something far and wide. Just as Twitter has jumped to action to ensure they’re leveraging validation checks and other best practices, so should every app provider, especially those with mass appeal like this.”

“The guidance from TweetDeck is simple and correct – log out, and log back in,” said Ford. “One of the most common and useful XSS attacks is used to steal the user’s session, effectively enabling an attacker to log in as you. Logging out will eliminate that threat.”
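The flaw Ford describes, a tweet rendered as markup instead of text, and the validation Narayanaswamy calls for, shown side by side in JavaScript as an added example (not TweetDeck's code or anything from the article); the tweet object, the two renderer functions and the escaping helper are all constructed here for illustration.

```javascript
// Added illustration, not TweetDeck code: pure string functions, no DOM, so it runs in Node.

// Escape the characters that let untrusted text break out of an HTML text node or attribute.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable pattern: tweet text is concatenated straight into markup (think innerHTML),
// so markup inside the tweet is interpreted by the browser instead of being displayed.
function renderTweetUnsafe(tweet) {
  return `<div class="tweet"><b>@${tweet.user}</b> ${tweet.text}</div>`;
}

// Hardened pattern: every untrusted field is escaped, and links are only built from
// structured URL entities whose scheme is http(s), never from raw tweet text.
function renderTweetSafe(tweet) {
  const links = (tweet.urls || [])
    .filter((u) => /^https?:\/\//i.test(u))
    .map((u) => `<a href="${escapeHtml(u)}" rel="noopener">${escapeHtml(u)}</a>`)
    .join(" ");
  return `<div class="tweet"><b>@${escapeHtml(tweet.user)}</b> ${escapeHtml(tweet.text)} ${links}</div>`;
}

// Constructed sample tweet (hypothetical): its body carries a script tag and an inline event
// handler, the general shape of a "runs just by viewing the tweet" payload; one URL entity
// uses a non-HTTP scheme and must not become a link.
const sampleTweet = {
  user: "someone",
  text: 'hello <script>alert(1)</script> <img src=x onerror="alert(2)">',
  urls: ["https://example.com/", "javascript:alert(3)"],
};

console.log("unsafe:", renderTweetUnsafe(sampleTweet));
console.log("safe:  ", renderTweetSafe(sampleTweet));
```

In the unsafe output the script tag and the image element survive intact, which is exactly what a browser would execute; in the safe output they are visible text and the only link is the HTTPS one.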

Written By

Marketing professional with a background in journalism and a focus on IT security.
