PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

17-Year-Old Australian Takes Blame for Twitter Worm

Chloe Albanesius
 & Chloe Albanesius Executive Editor, News

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS

A 17-year-old Australian student said Wednesday that he is the one who exposed the flaw that led to Tuesday's cross-scripting attack on Twitter.

Pearce Delphin told AFP said he tweeted a piece of the "MouseOver" JavaScript code that prompted pop-up windows when a user hovered their mouse over the content. Unfortunately, this was soon exploited by hackers, who used it to redirect users to adult or dangerous Web sites.

"Is this the point where I mention I need a job? I'm just a poor boy, no body loves me ... except for the media," Delphin tweeted earlier today.

Recommended by Our Editors

Wikipedia Editors Could Strike Following Layoffs
Wikipedia Editors Could Strike Following Layoffs
Blue Origin’s New Glenn Rocket Explodes Spectacularly During Ground Test
Blue Origin’s New Glenn Rocket Explodes Spectacularly During Ground Test
Google Engineer Charged for Using Insider Info to Win $1.2M on Polymarket Bets
Google Engineer Charged for Using Insider Info to Win $1.2M on Polymarket Bets

In a Tuesday blog post, Twitter said it actually discovered the flaw that was exploited Tuesday about a month ago and fixed it. A site update unrelated to the new Twitter.com, however, accidentally unleashed it again, and a few people who noticed it took advantage.

"First, someone created an account that exploited the issue by turning tweets different colors and causing a pop-up box with text to appear when someone hovered over the link in the tweet," wrote Bob Lord with Twitter's security team. "Other users took this one step further and added code that caused people to re-tweet the original Tweet without their knowledge."

A Twitter spokeswoman said Wednesday that the company "won't be publicly identifying individuals who may or may not have been involved." Twitter will also not be pursuing legal action, she said.

About Our Expert

Chloe Albanesius

Chloe Albanesius

Executive Editor, News

My Experience

I started out covering tech policy in DC for The National Journal, where my beat included state-level tech news and all the congressional hearings and FCC meetings I could handle. I later covered Wall Street trading tech before switching gears to consumer tech. I now lead PCMag's news coverage.

My Areas of Expertise

Getting my start in DC means I still have a soft spot for tech policy; Congressional hearings can sometimes be as entertaining as a Bravo reality show, for better or worse. But PCMag is all about the technology we use every day, as well as keeping an eye out for the trends that will shape the industry in the years ahead (or flop on arrival). I've covered the rise of social media, the iOS vs. Android wars, the cord-cutting revolution that's now left us with hefty streaming bills, and the effort to stuff artificial intelligence into every product you could imagine. This job has taken me to CES in Vegas (one too many times), IFA in Berlin, and MWC in Barcelona. I also drove a Tesla 1,000 miles out west as part of our Best Mobile Networks project. Of late, my focus is on our hard-working team of reporters at PCMag, guiding and editing their robust coverage.

Read the latest from Chloe Albanesius

Read full bio