Clever, yes. Nasty, also yes. It’s not a virus per se, but thousands of Twitter users have been hit already by a nasty exploitation of a security flaw within the service in which simply running your mouse over a link – rather than actually clicking on it – can redirect you to a pop-up or third-party Web site.

Mashable has a write-up of the details, including a screenshot of what to watch for – it’s pretty obvious once you know what it looks like. Also, if you’re using a third-party Twitter app like HootSuite or TweetDeck, you’re off the hook; these services don’t fall victim to the security hole.

As of this morning, there’s no official comment from Twitter, but we’ll keep you updated.