This article is for those who saw little hearts all over their TweetDeck earlier on Wednesday. It’s now OK to log into TweetDeck, but users weren’t sure what was going to happen to one of their favorite desktops apps after the feature was hacked on Wednesday. CNN Money identified the person responsible for the hack as a 19-year-old computer geek from Austria who likes to be called Firo.
Firo wasn’t trying to do anything nefarious, at first. He just wanted to tweet a heart "♥" symbol, which happened to riddled with a code that hijacked into people’s TweetDeck software. Firo, whose real name is Florian but refused to share his last name with CNN Money, explained how he discovered on typing “&hearts” would make a "♥" symbol through HTML.
It might be news for Florian, but &hearts is a well-known HTLML code. What everyone didn’t know is this standard code could also breach TweetDeck’s security by allowing an outside user to inject a computer program command through a simple 140-character (or less) tweet.
Firo didn’t mean to discover this bug, though. "It wasn't a hack. It was some sort of accident," he told CNN Money.
Firo played around with the bug until he realized he created a pop-on on his own TweetDeck. After he discovered the vulnerability, the computer wiz alerted Twitter but the damage had been done. Other hackers got wind of the bug and a mass hijacking ensued.
The computer science student feels awful about the incident. "It's horror that TweetDeck made that mistake," he said. "It's horror that [hackers] are using this issue. I don't know. I'm sad in a way.
But there’s no reason for Firo to feel too horrible. Though other hackers joined in on the vulnerability, Twitter fixed the problem. Users simply need to log out of their account and then log back in and then problem should be fixed. People are advised, however, to change their passwords for extra security.
Follow me on Twitter @mariamzzarella