Meet the guy who just broke TweetDeck - KYTX CBS 19 Tyler Longview News Weather Sports

Meet the guy who just broke TweetDeck

Updated:

NEW YORK (CNNMoney)- TweetDeck, a popular Twitter app for desktops, has been hacked -- because a 19-year-old computer geek in Austria wanted to use cute, little hearts.

On Wednesday, something like an Internet worm quickly spread across the Twitter (TWTR, Tech30) social media network. It came from a tweet of a "?" symbol that was loaded with a string of code -- one that hijacked people's TweetDeck software.

Like a typical worm, this code told affected TweetDeck accounts to share the message, thus disseminating it everywhere.

An Austrian teenager named Florian (he prefers to go by Firo) says he started it all. Firo, who declined to share his last name, citing privacy concerns, said he figured out Wednesday morning that "&hearts" makes a "?" symbol in the coding language HTML.

Chatting to CNN on Twitter, he said he was just experimenting when he discovered that using a "?" created an opening in Tweetdeck's software, allowing for someone to inject computer program commands via a tweet. Without even meaning to, Firo stumbled on a software bug.

"It wasn't a hack. It was some sort of accident," he said.

Firo tried it a few times, adding a heart to every message until he got it to create a pop-up on his own TweetDeck dashboard.

He then announced triumphantly: "Vulnerability discovered in TweetDeck. \ o /"

Firo let Twitter know about the vulnerability as soon as he found it. But it was too late.

Others in the hacker community noticed, and shortly thereafter, a mass TweetDeck hijacking ensued.

The message from Twitter user @derGeruhn was shared more than 37,000 times. Many undid the retweet action trying to peel back the annoyance. People around the world were affected (as were a few of us at CNN, including me, my editor, David Goldman, and CNN's Crossfire account).

But no actual damage was reported. It was a harmless, brief Twitter disruption, little more than an annoyance.

Shortly after the incident, Twitter announced it fixed the problem. The company instructed users to simply log out of TweetDeck, then log back in.

As for Firo, a computer science student at an Austrian technical institute, he said he feels terrible about the whole thing.

"It's horror that TweetDeck made that mistake," he said. "It's horror that [hackers] are using this issue. I don't know. I'm sad in a way."

  • Local NewsMore>>

  • Gov. Perry removes tweet about Travis County DA

    Gov. Perry removes tweet about Travis County DA

    Monday, September 1 2014 8:55 AM EDT2014-09-01 12:55:19 GMT
    Gov. Rick Perry on Sunday night removed a tweet that had been sent from his account featuring a photograph of Travis County District Attorney Rosemary Lehmberg. Perry said the posting had been "unauthorized."More >>
    Gov. Rick Perry on Sunday night removed a tweet that had been sent from his account featuring a photograph of Travis County District Attorney Rosemary Lehmberg. Perry said the posting had been "unauthorized."More >>
  • Robbery suspects raid home, impersonate deputies

    Robbery suspects raid home, impersonate deputies

    Robbery suspects impersonating deputies raided a home and put pillow cases over the homeowners' heads, according to police.More >>
    Robbery suspects impersonating deputies raided a home and put pillow cases over the homeowners' heads, according to police.More >>
  • SCSO: Robbery suspects get away with cash register

    SCSO: Robbery suspects get away with cash register

    Sunday, August 31 2014 4:35 PM EDT2014-08-31 20:35:57 GMT
    SMITH COUNTY (KYTX) - A Smith County convenience store clerk was robbed at gunpoint in the 11800 block of Highway 64 around 3:00 Sunday morning.More >>
    SMITH COUNTY (KYTX) - A Smith County convenience store clerk was robbed at gunpoint in the 11800 block of Highway 64 around 3:00 Sunday morning.More >>
Powered by WorldNow

CBS19, MYTX & KCEB
2211 ESE Loop 323
Tyler, TX 75701
Phone (903) 581-2211
Fax (903) 581-5769

Powered by WorldNow
All content © Copyright 2000 - 2014 WorldNow and KYTX. All Rights Reserved. Users of this site agree to the Terms of Service, Privacy Notice/Your California Privacy Rights, and Ad Choices.