TweetDeck crashes on teen’s prank
13 Jun 2014
A tweet was retweeted many thousands of times yesterday, but almost none meant to share the message, The Columbus Despatch reported.
A string of code was apparently first tweeted at 12:36 pm, which took advantage of a security flaw in the Twitter client TweetDeck, which many Twitter users to organise their tweets and Twitter feeds.
After processing by TweetDeck, the message was automatically retweeted (or forwarded) without the user's intervention.
The micro-blogging network, which acquired the TweetDeck service in 2011, temporarily shut down the application's access to tweets and users were only able to log back into TweetDeck by 2 pm.
The outage though short, proved significant for users much to the surprise of some who were not aware that online services were not immune to security-related vulnerabilities.
The report quoted the following comments: @dansinker: As far as I can tell from my twitter feed, the machines have begun to rise up, and they started with Tweetdeck.
@StephenBeckett: #Tweetdeck will apparently run any tweeted #javascript code. Should be up for programming darwin award. Closing tweetdeck in 3... 2...
@EdMorrissy: Feedly is down. Tweetdeck is down. It's like coming into the office early only to discover no one else made it because the roads shut down.
The TweetDeck hack started with an Austrian programming teenager making a cute love heart symbol, according to Mailonline.
According to the teen, Florian, he discovered early yesterday that '&hearts' made a heart symbol in HTML, which in turn created an opening in TweetDeck's software. This allowed injection of computer program commands via a tweet, a software bug.
Speaking to CNN, Florian said it was not a hack, it was some sort of accident.
A hacker with the handle @derGeruhn then attacked the vulnerability causing over 40,000 users to automatically, involuntarily, retweet a cryptic line of code.
That account belonged to a German programmer and college student named Andy Perdana.
According to The Washington Post, Perdana had been on Twitter with the handle @derGeruhn since 2012, a year after he started computer science studies at the University of Applied Science in Karlsruhe, Germany.
Perdana had contributed code to online gaming projects on Github, and maintains a profile on the encrypted messaging site Keybase. He later tweeted that his message was a prank.