Twitter Blames 17-Year-Old Boy for Their Mistake

In case you were hiding under a rock yesterday, or perhaps on sabbatical from the Internet, you may not have heard, or seen, the news that Twitter was hacked once again. The culprit? A 17-year-old Australian boy who goes by the handle “@zzap.” Okay, maybe “culprit” is too strong a word, since it wasn’t exactly @zzap who did the hacking. What he did do, though, was post some java script in his Twitter feed that was then picked up by hackers who used it to send unsuspecting tweeters to pornographic websites, since porn sites are about all hackers can think about. In reality, then, @zzap was Patient Zero.

So what, exactly, did this 17-year-old from Australia do to bring Twitter to its knees?

He tweeted a piece of “mouseover” JavaScript code which brings up a pop-up window when the user hovers their cursor over the message. That’s all. Hackers then exploited the code to redirect users to porn sites, and create “worm” tweets that replicated every time they were read. Sounds harmless, but among those exploited by this little endeavour were White House press secretary, Robert Gibbs, and Sarah Brown, wife of former British Prime Minister, Gordon Brown. God, I hate to think what would have happened if The Bieb was involved, then @zzap would have some splainin’ to do.

“I did it merely to see if it could be done…that JavaScript really could be executed within a tweet,” @zzap (whose real name is Pearce Delphin), told AFP. “At the time of posting the tweet, I had no idea it was going to take off how it did. I just hadn’t even considered it.”

It should be noted that Delphin was one of the first people in Australia to start using Twitter, back in 2006, and said the site had known about the problem for “months” but failed to patch it. Twitter, of course, apologized the way it always does to its more than 145 million users, by posting a picture of a fail whale with cake. Okay, so I made that last part up.

If it is all true, though, and Twitter did know about this problem for months, then I think they should be the ones with some explaining to do, not @zzap, or the hackers who tweaked the code. It’s constant ignorance like this that affects my joyous Internet experience, and makes me wonder just who has my passwords and usernames out there. Wait, who am I kidding, nobody wants my stuff. They’re too interested in The Bieb, right?