Today thousands if not millions of Twitter users were affected by the onmousover Twitter exploit which created malicious pop-ups and could also fill and send a status update ‘on your behalf’. How nice. Here are our Top 5 Tips on how to avoid the worm until Twitter fixes the problem:
1. Don’t use the Twitter web site, especially the older version. However, there are reports the new version, if you have it, is not producing the same effects. But just to be safe, stay off Twitter for the next few hours at least.
2. Use a desktop client or web based client application like Tweetdeck, Seesmic, Dabr or similar. Although the affected tweets do still appear in your stream as a jumble of words, they will not produce the same mouseover effect. Some desktop clients also allow you to filter out words like “onmouseover” so you needn’t see the stream of affected tweets.
3. If you can’t use a desktop client or web based client application, Use the Twitter mobile site, which appears to be unaffected. [Update: Scratch that, avoid that as well, it is being affected].
4. Delete the affected tweets by avoiding the main web site and log-in to the mobile site instead. Then delete the forced Retweet. Delete any tweets so that the worm does not spread to your friends and followers.
5. If you want to be extra, extra safe, change your password, but it’s worth pointing out that this bug is not related to passwords.
6. Bonus point: Twitter says it is now on the case and fixing the issue.