Certain users of Twitter platform Tweetdeck were shocked Wednesday morning to see that the app — which works via web, desktop and extensions in Chrome and Firefox — was creating pop-up alerts all by itself. The issue seemed to be affecting those who use the Tweetdeck app in Google Chrome, although mixed reports meant all versions could have been affected:
The source of the problem is thought to be caused by an XSS exploit, based on a particular pop-up that cited XSS directly. In essence, Javascript code is can be easily injected directly into an app with a security flaw, like Tweetdeck, and the app then parses the command as if it were a direct action from within it. The result, in this case, were the pop-ups visible to many:
Twitter confirmed there was a “security issue” on Tweetdeck and offered a fix: All users should log out and log back into the platform to be safe.
However, users complained that simply logging out and logging back in hadn’t fixed the pop-ups.
In light of those new complaints, Twitter later announced that all Tweetdeck services were taken down:
Twitter’s decision to take down Tweetdeck could have been fueled by a new problem that popped up in the interim: high-profile Twitter users like Jeff Jarvis lost control of their accounts and spontaneously retweeted a script that appears to single out the XSS exploit that caused the pop-ups in the first place:
Twitter has since brought Tweetdeck back up, citing a “verified fix.”
This article was updated throughout the morning as the situation changed, including Twitter’s announcements.

{"source":"https:\/\/gigaom.com\/2014\/06\/11\/is-tweetdeck-hacked-platform-experiences-random-pop-up-windows\/wijax\/49e8740702c6da9341d50357217fb629","varname":"wijax_0bbfe3c71d0c09d4f4e2f5c05b422596","title_element":"header","title_class":"widget-title","title_before":"%3Cheader%20class%3D%22widget-title%22%3E","title_after":"%3C%2Fheader%3E"}