LONDON - JULY 02: In this photo illustration the Twitter website is displayed on a laptop computer on July 2, 2009 in London. The social network site, started in 2006 in California as a sideline project, has grown into a global brand, becoming one of the fastest growing phenomena of the Internet. (Photo by Peter Macdiarmid/Getty Images)
Twitter has patched a security flaw that allowed thousands of accounts to be exploited, sending automated Tweets and redirecting users to websites without their consent.
Twitter initially resolved this issue back in August, but a recent update to the site "unknowingly resurfaced it," according to a post on the company blog Tuesday afternoon.
The issue was first made public by Sophos, a company that makes web security software, in a blog post early Tuesday morning after a number of high-profile Twitter accounts were affected by the bug. The site points out that initially the flaw had been used only for "fun and games," redirecting users to porn sites rather than exposing them to malware.
Twitter made a similar point in its blog post: "The vast majority of exploits related to this incident fell under the prank or promotional categories."
Among the high-profile victims is Press Secretary Robert Gibbs. After an auto-tweet appeared on his account, Gibbs posted, "My Twitter went haywire - absolutely no clue why it sent that message or even what it is...paging the tech guys..."
"I simply wanted to exploit the hole without doing any 'real' harm," he said in an interview with BBC News. "It started off as 'ha, no way this is going to work'."
Earlier in the day Judofyr tweeted, "as far as I know, I started the first worm, but I can't say for sure," but he claimed to have found the flaw on rainbowtwtr's account, adding "I only came up with the idea to turn it into a worm."
That worm was spread through at least 200,000 messages, according to BBC News.
For the tech junkies out there, The Next Web offers a more in-depth explanation of the cross-site scripting vulnerability.