Twitter worm creator is Aussie schoolboy

A 17-year-old Australian schoolboy has been traced as the discoverer of a vulnerability in Twitter's code which allowed other hackers to create a worm which spread to as many as 500,000 accounts on the micro-blogging site on Monday.

The worm affected high-profile users including White House press secretary Robert Gibbs and Sarah Brown, wife of the former PM, who inadvertently redirected her followers to a Japanese porn site.

Pearce Delphin didn't write the worm, but he was the first person to twig that JavaScript scripting language could be used in a tweet - and in doing so, he let the genie out of the bottle.

Speaking to Australia's The Age, Delphin said he had created his tweet, which caused a pop-up window to appear when users hovered their mouse over it, "merely to see if it could be done". He was inspired by a Japanese user who had inserted CSS script into his tweets to make them rainbow-coloured.

He was amazed by the speed with which his discovery spread around the world - and brought 130 new followers to his @zzap Twitter stream. The next step was for a hacker in Sweden to create a Tweet that used JavaScript to self-replicate, sending itself from user to user without their intention.

Other hackers quickly followed suit. None of the rogue tweets were capable of causing any real harm to 'infected' computers or carried any malicious payload - but some did redirect users to pornographic, or otherwise shocking, websites.

Delphin said: "Twitter probably could have handled it better. Luckily when this vulnerability first got out, it was apparently the middle of the night in North America."

Twitter has accepted that he had no malicious intent, and has shot down suggestions it should suspend his account. Melbourne police say they are not investigating the incident.

Meanwhile, Delphin is still tweeting. Last night he wrote: "Is this the point where I mention I need a job? I'm just a poor boy, nobody loves me... except for the media."

Showing that kind of enterprise, Delphin may not be out of work for long when he finishes school this year. After all, another former teenage hacker from Melbourne, Julian Assange, is now very busy - as the public face of the global phenomenon which is WikiLeaks. ·