Tweetdeck shut down: App restarted after thousands of users unwittingly retweeted code

Labour leader Ed Miliband was among the TweetDeck users to be affected

Click to follow
The Independent Tech

Twitter temporarily shut down its TweetDeck client on Wednesday evening, after a security glitch saw tens of thousands of its users unwittingly post a line of code.

The social media giant has since re-launched its application, and has apologised for any inconvenience caused to users during the episode.

TweetDeck users affected by the flaw saw a pop-up window on their screen, before they re-tweeted a line of JavaScript code posted by user called "*andy" using the handle "@derGerun".

To launch the attack, hackers reportedly took advantage of a “cross-site scripting”, or XSS, vulnerability in the TweetDeck system.

Initially, TweetDeck told users to log out and log back in, but when the fault remained, it shut down the application's access to tweets.

Victims of the flaw included Labour opposition leader Ed Miliband, and BBC Breaking News’ Twitter account.

The incident is not the first time tweets containing JavaScript code have self-propagated through security holes in Twitter. The last major outbreak was in 2010 when the so-called Mouseover flaw redirected thousands of users to third-party websites when their mouse hovered over the offending chunk of text.