Security Hero Rotating Header Image

Twitter API ripe for abuse by web worms

Twitter API ripe for abuse by web worms

A security researcher is warning that the Twitter API can be trivially abused by hackers to launch worm attacks.

The red-hot social networking/microblogging service has been scrambling to plug cross-site scripting and other Web site vulnerabilities to thwart worm attacks but, as researcher Aviv Raff points out, itˇ¦s much easier to misuse the Twitter API as a ˇ§weak linkˇ¨ to send worms squirming through Twitter.

Raff, well-known for his research work on browser and Web application vulnerabilities, points out that a single vulnerability on any of the third-party services (Twitpic, etc.) that use the API can trigger the next Twitter worm.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31458

Leave a Reply

Powered by WP Hashcash

Spam Protection by WP-SpamFree

Bad Behavior has blocked 376 access attempts in the last 7 days.