Twitter experienced “unexpected” downtime on Saturday, and in order to recover from the problem the company will have to implement measures that affect third-party applications that use the Twitter API.
Twitter acknowledged the problems on its official Twitter Status blog at around 1 p.m. U.S. Eastern Time, saying the company was “actively working” to bring the site back after it went down unexpectedly.
In an update to that post at around 1:15 p.m., the company said it was recovering from the downtime and “looking into the external causes.”
A few minutes after 2 p.m., the company announced that the API that external Twitter applications use will be offline as part of the recovery process. An hour later, Twitter's site seemed to be working normally, based on checks from IDG News Service, but third-party applications may continue to be affected.
“The first step our operations team must take will likely cause API downtime, especially affecting OAuth. We apologize for the inconvenience and we will work quickly to reduce the impact to the API. We appreciate your patience and I will update you as soon as we know more,” wrote Twitter representative named Doug Williams, from the company's developer support team, in a discussion forum for Twitter developers.
A little over a week ago, Twitter collapsed for hours as a result of a distributed-denial-of-service (DDOS) attack that also affected in less severe ways LiveJournal, Facebook and Google's Blogger. That attack was reportedly directed at silencing the political commentary from a blogger in the country of Georgia.
The DDOS attack, which came in waves of varying intensity and lasted several days, forced Twitter to take defensive measures that included limiting access to its API and application platform. As a result, many third-party Twitter applications were seriously affected for several days.
On Thursday, a security researcher from Arbor Networks reported that hackers are using Twitter as a means to distribute instructions to a network of compromised computers, known as a botnet.
“While digging around I found a botnet that uses Twitter as its command and control structure. Basically what it does is use the status messages to send out new links to contact, then these contain new commands or executables to download and run. It’s an infostealer operation,” wrote Jose Nazario, manager of security research at Arbor Networks, on in a blog posting on Thursday.