Twitter Gets Swamped With Weekend Worms
The first attack came Saturday, originating with a couple of accounts specifically created to spread the StalkDaily worm. By simply visiting an infected profile, a user would find her account hijacked and sending automated Tweets with a link to a Twitter-like service called StalkDaily. By the end of the day, Twitter had cleaned up most of the infected profiles, had deleted the offending messages, and had apparently plugged the security hole that allowed the exploit.
Then, on Sunday morning, a second attack hit, taking advantage of the same flaw. Oops. The new worm, called Mikeyy, simply sent out automated messages containing the word "Mikeyy," and mocked Twitter's inability to fix its vulnerability. Mikeyy spread even faster than the StalkDaily worm, and, in no time, people's Twitter feeds were clogged with messages such as, "Twitter please fix this, regards Mikeyy" and "Man, Twitter can't fix sh*t. Mikeyy owns. :)."
Eventually Mikeyy Mooney, a 17-year-old Brooklynite, came clean. Mikeyy, who also created the site StalkDaily.com, claims to have written both worms out of boredom. He told BNO News:
"I did this out of boredom, to be honest. I usually like to find vulnerabilities within websites and try not to cause too much damage, but start a worm or something to give the developers an insight on the problem and while doing so, promoting myself or my website."
According to Mikeyy's statements and an analysis from TechCrunch, the worm doesn't compromise a user's password or personal information.
In case your account was infected, Mashable has laid out step-by-step instructions for reclaiming your profile. The worm is pretty simple to defeat; just log out of Twitter, clear your browser's cache and cookies, disable JavaScript, log back into Twitter, delete the offending tweets, and reset your profile's colors, link, and location.
Twitter is clearly going through some growing pains, and we're sure this isn't going to be the last attack on the service that we'll see. But, as always, a little common sense can save you a lot of trouble. Exercise vigilance on Twitter just as you would with e-mail and the rest of the Internet; don't open images, files, or links from untrusted sources. And if your Twitter pal suddenly starts spamming you with links to some unknown site, then don't follow them or visit the page. That's just asking for trouble. [From: CNET, BNO News, and Mashable]
Reader Comments
FOURDOGSLAUGHING said 6:35PM on 4-13-2009
Maybe Bill Gates should hire this kid to run security checks on his own firm!!