News Asia-Pacific

Saturday 21 April 2018

Australian teenage hacker 'easily' crippled Twitter

Bonnie Malkin

An Australian schoolboy has emerged as the creator of a computer worm that affected thousands of Twitter users and crippled the microblogging site for several hours earlier this week.

Pearce Delphin, 17, said that he exposed a security flaw in the site, which allowed hackers to send unsuspecting Twitter users to Japanese porn sites, simply "to see if it could be done".

The worm affected several high-profile Twitter users, including Sarah Brown, the wife of Gordon Brown, and Robert Gibbs, the White House press secretary.

Delphin, who lives with his parents in suburban Melbourne, sparked the hacking frenzy after he tweeted a piece of "mouseover" JavaScript code, which brings up a pop-up window when the user hovers their cursor over the message.

The idea was adopted by hackers who tweaked the code to redirect users to pornographic sites and create "worm" tweets that replicated every time they were read.

"I did it merely to see if it could be done ... that JavaScript really could be executed within a tweet," Delphin said.

"At the time of posting the tweet, I had no idea it was going to take off how it did. I just hadn't even considered it."

The teenager, who was traced after the Netcraft security website linked the malicious code back to him, said he got the idea from another user who employed a similar code to make his tweets rainbow-coloured.

Delphin, or @zzap as he is known on Twitter, told The Age website that he had no regrets over exposing the flaw, saying that it was Twitter's responsibility to keep the site secure.

"Twitter probably could have handled it better," he said.

"Luckily when this vulnerability first got out, it was apparently the middle of the night in North America."

He added that he was surprised how quickly the code had spread around the world.

Twitter has apologised to its members for the "mouseover bug" and has promised that the flaw has been fixed.

The company has indicated that it will not press charges against Delphin and has also declined to suspend his Twitter account, which has gained at least 130 new followers since the story of his role in the drama broke.

Last night a post from his feed read: "Is this the point where I mention I need a job? I'm just a poor boy, no body loves me ... except for the media."

In his Twitter biography, Delphin, who is in his final year of secondary school, describes himself as "An almost legal teen (XVII), social media whore & politics lover. Good at being angry on Twitter. Also good at drinking vodka. & looking hot."

Melbourne police have said that they are not investigating the incident.

Today's news headlines, directly to your inbox every morning.

Editors Choice

Also in World News