Readers like you keep news free for everyone.

More than 5,000 readers have already pitched in to keep free access to The Journal.

For the price of one cup of coffee each week you can help keep paywalls away.

Support us today
Not now
Thursday 9 February 2023 Dublin: 2°C
# Twitter Attack
Australian teen to blame for Twitter's JavaScript meltdown
A 17-year-old Australian whizkid was to blame for the ‘onMouseOver’ issues that plagued the microblogging site.

A 17-YEAR-OLD Australian boy is being blamed for uncovering the Twitter flaw which yesterday saw the site go into virtual meltdown as rogue programmers discovered a way to make users continually retweet blocks of black text.

Pearse Delphin, a self-described “deontological libertarian from Melbourne, Australia” has been credited with discovering the flaw, posting the code to the site and demonstrating how it could be used for ill-effect.

The tweet tricked the site into converting JavaScript code into a legitimate hyperlink, complete with attributes which (when activated by hovering the mouse over it) triggered a pop-up box saying “Uh oh”.


It is understood that, having tweeted to say “No one tell [notorious online messageboard] 4chan about this, ok guys?”, several of 4chan’s users adapted the code so that anyone hovering over their tweets would be instantly redirected to a YouTube video of Rick Astley’s ‘Never Gonna Give You Up’.

The tweet was then adapted in the manner seen by most yesterday – to conceal its hidden message, retweeting itself, with black boxes.

Twitter has said that it had uncovered the problem itself in August and had moved to plug the security hole, but a recent update to its side (separate, it insisted, to the introduction of the so-called ‘New Twitter‘ interface) had unwittingly re-exposed the flaw.

Delphin has told news agency AFP that he posted the maliciously-used code “merely to see if it could be done … that JavaScript really could be executed within a tweet.

“I discovered a vulnerability, I didn’t create a self-replicating worm. As far as I know, that isn’t technically illegal.”

He has also tweeted an apology, saying: “I’ll say sorry, but I’m not taking off my glasses.”

For the benefit of his new Twitter followers, he has since tweeted: “Is this the point where I mention I need a job? I’m just a poor boy, no body loves me … except for the media.”