Hackers embed attacks in Twitter profile images

Viral images, but not in a good way!

I am rather miffed with Twitter for this breach in security. It’s such an old and well-known method of attack that it is beyond forgiveness that it wasn’t stopped at the source.

I was going through my latest ‘followers’ and this popped up :


I assume it was in one of the Britney type I blocked but what disturbs me is that:
a) it ever got through Twitter’s laughable defences before my firewall had to stop it, and
b) it’s flagged at a known attack.

If one got through you can be very sure that hundreds or probably thousands more bot accounts are similarly affected.

If you want an in-depth look at this form of attack watch with 40 minute video : DefCon 15 – T312 – The Executable image Exploit

You can read of the older GDI hack on this Cisco security page (since deleted) : [ Microsoft GDI+ GIF Image Parsing Memory Corruption Vulnerability ]

There are other similar exploits and hacks. Scary eh. What’s irritating the heck out of me is Twitter let this through!

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to Top
%d bloggers like this: