Hackers Work To Save Twitter After Attack

LOS ANGELES (CBS/AP) — If you had a little trouble trying to tweet this week, you may be surprised to find out it was caused by a hacker who says he was only trying to help.

The attack on Twitter, the popular micro-blogging service, was shut down within hours Tuesday
morning after a "cross-site scripting" flaw allowed users to run JavaScript programs on other computers.

Daily Beast's Brian Reese Joins KFWB 980's Maggie McKay and Michael Shappee

The originator is believed to be someone who uses the name "Masato Kinugawa" in cyberspace and acknowledges creating the Twitter account "RainbowTwtr" that demonstrated the vulnerability.

Through his Twitter account and personal blog, Kinugawa regularly tracks down possible computer security loopholes and notifies companies of their existence. Earlier this year, he pointed out several scripting problems to Japanese Internet company Livedoor, which thanked him with a 15,000 yen ($177) gift
certificate.

Kinugawa says he contacted Twitter about the weakness on Aug. 14 — but in vain.

"Twitter had not fixed this critical issue long after it had been notified," Kinugawa tweeted. "Twitter left this
vulnerability exposed, and its recognition of this problem was low.

Rather than have someone maliciously abuse this under the radar, I decided it would be better to urgently expose this as a serious problem and have it be addressed."

The account, which displayed messages in colors of the rainbow, spurred others like Australian teenager Pearce Delphin of Melbourne to spread the word about the vulnerability. "RainbowTwtr" has
since been suspended.

In an e-mail to The Associated Press on Thursday, Delphin said he analyzed the code within the "rainbow tweets" and realized it could be tweaked to make a pop-up window appear just by moving a
cursor over a message. Other users quickly picked up on Delphin's discovery and made their own changes, infecting unsuspecting accounts around the world.

San Francisco-based Twitter said it does not believe that any user information was compromised and that the "vast majority" of the breaches were pranks or promotions. The company said the attack
began when a user, whom it did not identify, noticed a security hole and "took advantage of it."

(Copyright 2010 by The Associated Press. All Rights Reserved.)