The top 5 ways to avoid and fix the onmouseover Twitter bug

Today thousands if not millions of Twitter users were affected by the onmouseover Twitter exploit, which created malicious pop-ups and could also fill and send a status update ‘on your behalf’. How nice. Here are our Top 5 Tips on how to avoid the worm until Twitter fixes the problem:

1. Don’t use the Twitter web site, especially the older version. However, there are reports the new version, if you have it, is not producing the same effects. But just to be safe, stay off Twitter for the next few hours at least.

2. Use a desktop client or web-based client application like Tweetdeck, Seesmic, Dabr or similar. Although the affected tweets do still appear in your stream as a jumble of words, they will not produce the same mouseover effect. Some desktop clients also allow you to filter out words like “onmouseover” so you needn’t see the stream of affected tweets.

3. If you can’t use a desktop client or web-based client application, use the Twitter mobile site, which appears to be unaffected. [Update: Scratch that, avoid that as well, it is being affected].

4. Delete the affected tweets: avoid the main web site and log in to the mobile site instead. Then delete the forced Retweet. Delete any tweets so that the worm does not spread to your friends and followers.

5. If you want to be extra, extra safe, change your password, but it’s worth pointing out that this bug is not related to passwords.

6. Bonus point: Twitter says it is now on the case and fixing the issue.

ONE FOR LUCK: Twitter Patches Security Hole, Introduces Two Cool New Features To #NewTwitter
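
Tip 2 in code form, as an added example that is not from the original post or from any Twitter client: a hypothetical renderer that encodes tweet text on output, which is why an affected tweet shows up as a jumble of words instead of firing, plus a stream filter that goes one step beyond a plain “onmouseover” word match. The function names, the `title` attribute sink and the sample tweet are assumptions constructed for illustration.

```javascript
// Added example: hypothetical names throughout, not Twitter's or any client's code.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the characters that let text leave an HTML text or attribute context.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// "Before": raw tweet text concatenated into markup (assumed title= sink).
function renderTweetUnsafe(text) {
  return '<span class="entry-content" title="' + text + '">' + text + '</span>';
}

// "After": the same markup with the text encoded on output.
function renderTweetSafe(text) {
  const safe = escapeHtml(text);
  return '<span class="entry-content" title="' + safe + '">' + safe + '</span>';
}

// List the attribute names a browser would see on the first start tag.
function startTagAttributes(html) {
  const open = /^<[a-z]+/i.exec(html);
  if (!open) return [];
  const attr = /\s+([^\s=>"]+)(?:="([^"]*)")?/y; // sticky: attributes must be contiguous
  attr.lastIndex = open[0].length;
  const names = [];
  let m;
  while ((m = attr.exec(html)) !== null) names.push(m[1].toLowerCase());
  return names;
}

// Stream filter: flag an inline event-handler assignment (on<event>=),
// not every tweet that merely mentions the word "onmouseover".
function looksLikeHandlerInjection(text) {
  return /\bon[a-z]{3,}\s*=/i.test(text);
}

// Constructed sample tweet with a harmless handler body.
const SAMPLE_TWEET = 'look at this" onmouseover="alert(1)" x="';

console.log(startTagAttributes(renderTweetUnsafe(SAMPLE_TWEET))); // extra handler attribute
console.log(startTagAttributes(renderTweetSafe(SAMPLE_TWEET)));   // class and title only
console.log(looksLikeHandlerInjection(SAMPLE_TWEET));
```

The filter can also flag harmless text such as `online=5`, so it suits hiding tweets from a stream rather than replacing output encoding.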

  • Tim

    Silly twitter

  • Scott

    That was really just 2 ways – avoid and change your password. Thanks for banging out the super useful post though.

    • himadri dimri

      ha ha nice!! I agree with you scott.. Stay away from twitter and change the password :)

    • Harsh Agrawal

      Only 1 way and that is Avoid using Twitter . com for now…. As this bug has nothing to do with password …

  • Sunfell

    Apparently TweetDeck is also replicating the problem, according to some of my friends.

  • James Whatley

    I can totally recommend as well ;)

  • naeem

    crazy stuff, I went into a panic and scanned the hell out of my pc
    Nod32, AVG, Spybot, Malware bytes, etc

    Was sure from the get-go it was a twitter issue, pc is pretty walled up with AV stuff

  • Luke, reachstudents

    The mobile site is accessed here:

    Though on desktop I’m not sure it offers control panel for password etc

  • Boris Veldhuijzen van Zanten

    The mobile site seems just as vulnerable judging from all the tweets originating from there:

  • Gabriel Izaias

    This twitter issue is a script created by @Matsta that explores a vulnerability. It only tweets itself if you mouseover the suspicious link.

    Don’t worry about your password.

  • Mike Butcher

    Nice suggestions people, keep ’em coming

  • Boris Veldhuijzen van Zanten

    Twitter has fixed the issue:!/safety/status/25118959058

    Move along people, nothing to see here. :-)

  • Shivam Vaid

    Just as I refreshed the twitter window, typing started automatically in the tweet box( possibly because of mouse hover ) and I immediately closed the window.

    I will recommend that unless you are desperate – do not access/log on to twitter at all.

  • Lucas Sewell

    I’ve tried a few of the mouseover links and had no problem. Using Firefox and Mac.

  • Frank Reiber

    My problems were over when I blocked @matsta and had undone the retweet

  • JG

    I used firebug and something like:

    $('li.hentry.mine.status .entry-content a.modal-overlay').parents('li.hentry').find('span.del').click();

    (not sure about the exact selector, I didn’t save it…)

  • verygoodservice

    Thank you. v. useful

  • Kosso

    One of the original HUGE links was pulling this JavaScript from a server in Russia :

    Here’s also a grab of the code behind the link

  • lajarre

    Also remove the affected tweets from services (like Buzz or LinkedIn) that you set up to reflect your tweets…

  • pointdebate

    I wonder for how long this bug existed before anyone noticed it. There might be others…

  • Prof Godzilla

    @ himadri dimri – September 21st, 2010 at 2:41 pm UTC

    It seems you clearly have no idea what this onmouse bug does, do you? There is no need to change your password since this attack does not have anything to do with this nor is it affecting your credentials in any way. It’s just an onmouseover javascript which redirects to sick Japanese porn. (but why the Fuck would they allow javascript in twitter?)

  • Prof Godzilla

    Btw removing tweets is nice, but Twitter itself should alter the scripts that output tweets and alter the scripts that allow input tweets.
