Tweetdeck shut down: App restarted after thousands of users unwittingly retweeted code

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy policy

Twitter temporarily shut down its TweetDeck client on Wednesday evening, after a security glitch saw tens of thousands of its users unwittingly post a line of code.

The social media giant has since re-launched its application, and has apologised for any inconvenience caused to users during the episode.

TweetDeck users affected by the flaw saw a pop-up window on their screen, before they re-tweeted a line of JavaScript code posted by user called "*andy" using the handle "@derGerun".

To launch the attack, hackers reportedly took advantage of a “cross-site scripting”, or XSS, vulnerability in the TweetDeck system.

Initially, TweetDeck told users to log out and log back in, but when the fault remained, it shut down the application's access to tweets.

Victims of the flaw included Labour opposition leader Ed Miliband, and BBC Breaking News’ Twitter account.

The incident is not the first time tweets containing JavaScript code have self-propagated through security holes in Twitter. The last major outbreak was in 2010 when the so-called Mouseover flaw redirected thousands of users to third-party websites when their mouse hovered over the offending chunk of text.