The popular microblogging platform became inaccessible around 9 a.m. EST. About 45 minutes later, Twitter, in a post on its status blog, acknowledged that the site was down and it was investigating the cause.
An hour later, the company said the site was battling a DoS assault.
"The site is back up, but we are continuing to defend against and recover from this attack," the blog said.
Biz Stone, founder of Twitter, described the incident on the company's corporate blog.
"Attacks such as this are malicious efforts orchestrated to disrupt and make unavailable services such as online banks, credit card payment gateways, and in this case, Twitter for intended customers or users," he wrote.
Eric Greenberg, senior vice president of security and risk solutions at managed services provider Integralis, said Twitter most likely is falling victim to the system being overrun by messages coming from infected accounts.
The Mikeyy cross-site scripting worm, which hit in April, or something like it, could be responsible, he told SCMagazineUS.com on Thursday. The culprit likely is a network of accounts within Twitter that are being controlled by a botnet, not an external botnet of drone PCs, as is often the cause of DoS attacks.
Twitter, like other social media sites, rely on individual accounts to communicate with one another, Greenberg said. If worms are able to compromise those accounts to send out mass numbers of messages, a site like Twitter can fall.
"Web 2.0, in particular, has some unique attributes that make it difficult, if not impossible, to defend against this type of thing," he said. "If you start to own different accounts...now you're using the service to attack itself. Now you have a situation where the enemy is within."
Earlier this week, servers belonging to Gawker Media, which publishes 10 blogs, including Consumerist, Deadspin and Gawker, were hit with a DoS attack.
And according to sources, Facebook also has had instability problems this morning, though the site appears to be operational.