<p>Pearce Delphin, whose Twitter name is @zzap, admitted exposing a security flaw which was then pounced upon by hackers, affecting thousands of users and causing havoc on the microblogging site for about five hours.<br /><br />Delphin, who lives with his parents in Melbourne, said he tweeted a piece of "mouseover" JavaScript code which brings up a pop-up window when the user hovers their cursor over the message.<br /><br />But the idea was soon taken up by hackers who tweaked the code to re-direct users to pornographic sites and create "worm" tweets that replicated every time they were read.<br />"I did it merely to see if it could be done... that JavaScript really could be executed within a tweet," Delphin told AFP via email.<br /><br />"At the time of posting the tweet, I had no idea it was going to take off how it did. I just hadn't even considered it."<br /><br />Twitter apologised to its millions of users after the "mouseover bug" raged through the site, opening pop-up windows in Web browsers and automatically generating tweets from other accounts.<br /><br />White House press secretary Robert Gibbs and Sarah Brown, wife of Britain's former prime minister Gordon Brown, were among those hit by the bug before engineers patched it up.<br /><br />The "Netcraft" security website traced the malicious code back to Delphin, who said he got the idea from another user who employed a similar code to make his profile and tweets rainbow-coloured.<br /><br />"After that, it seems like some of my followers realised the power of this vulnerability, and within a matter of minutes scripts had taken over my timeline," Delphin said.<br />"Hopefully I won't get in trouble!" he added.</p>
<p>Pearce Delphin, whose Twitter name is @zzap, admitted exposing a security flaw which was then pounced upon by hackers, affecting thousands of users and causing havoc on the microblogging site for about five hours.<br /><br />Delphin, who lives with his parents in Melbourne, said he tweeted a piece of "mouseover" JavaScript code which brings up a pop-up window when the user hovers their cursor over the message.<br /><br />But the idea was soon taken up by hackers who tweaked the code to re-direct users to pornographic sites and create "worm" tweets that replicated every time they were read.<br />"I did it merely to see if it could be done... that JavaScript really could be executed within a tweet," Delphin told AFP via email.<br /><br />"At the time of posting the tweet, I had no idea it was going to take off how it did. I just hadn't even considered it."<br /><br />Twitter apologised to its millions of users after the "mouseover bug" raged through the site, opening pop-up windows in Web browsers and automatically generating tweets from other accounts.<br /><br />White House press secretary Robert Gibbs and Sarah Brown, wife of Britain's former prime minister Gordon Brown, were among those hit by the bug before engineers patched it up.<br /><br />The "Netcraft" security website traced the malicious code back to Delphin, who said he got the idea from another user who employed a similar code to make his profile and tweets rainbow-coloured.<br /><br />"After that, it seems like some of my followers realised the power of this vulnerability, and within a matter of minutes scripts had taken over my timeline," Delphin said.<br />"Hopefully I won't get in trouble!" he added.</p>