Using the simplest of social engineering hacks — an enticing message with a link, labeled “don’t click” — a “clickjacking” exploit of the Twitter microblogging service flooded its network today, hijacking users’ status to spread itself before the link could be shut down.

The exploit’s link — http://tinyurl.com/amgzs6 — relied on a URL hidden through use of the TinyURL link-shortening service. The hack was shut down early this afternoon by TinyURL’s founder, Kevin Gilbertson, after Twitter users notified him of the attack.

“On my end, I just got some e-mails mentioning it. So once I found that out, I terminated the URL like I do with other abuse instances,” Gilbertson told InternetNews.com. He added that he replaced the forward of the URL with a notice that the URL had been terminated due to a breach of TinyURL’s terms of service.

See the full report at internetnews.com.