A Twitter hacker has cracked the Twitter code to force the site to block a tweet by a developer.
According to security researcher Alex Stamos, Twitter used a simple function called “push” to push tweets to a third-party service.
He was able to extract the code that allowed Twitter to trigger the blocking.
“I have a simple script that checks the Twitter API to see if any tweets are sent to a service called ‘Push’, and if so, it will ask Twitter to block it,” Stamos told Mashable.
“Once the API is blocked, it tells Twitter to send all tweets to another service called ‘Push’, and so on.”
Stamos said the hack could be used by malicious users to bypass Twitter’s security measures and hijack tweets from others.
“The hacker is able to inject code into the tweet that is either in the text or in the metadata,” he said.
“This allows him to trigger a block on a tweet that he’s sent to another Twitter account, as well as to trigger an automatic block on tweets sent to any other Twitter account.”
Twitter declined to comment on the report, but a spokesperson told Mashable that it “encourages developers to be aware of potential threats, and will take any action it deems appropriate to prevent such threats.”