Twitter is finally clear of the weekend worm attacks that left the popular microblogging site, recently rumored to be in talks with Google over a potential acquisition, furiously scrubbing the malware from its system. The StalkDaily worm, which exploited a cross-site scripting vulnerability, was the creation of a bored 17-year-old.
Twitter is finally clear of a worm that hijacked user accounts and spread
spamlike messages reading "Mikeyy" throughout the microblogging
"StalkDaily," the Twitter worm unleashed four waves of attacks
against the service, in each case exploiting a cross-site scripting
vulnerability. The only goal of the malware seemed to be self-propagation; it
had been created by 17-year-old Michael "Mikeyy" Mooney, who
confessed that he had created the worm out of boredom.
Starting at 2 a.m. on April 11,
four Twitter accounts began spreading the worm. Security teams promptly began
"eliminating the vectors that could identify this worm," all while
securing an increasing number of propagating accounts.
By the end of the weekend, the security team had identified and deleted
nearly 10,000 "tweets" seeking to still spread the worm.
The fourth and final attack began late on the night of Sunday, April 12, and
continued into Monday before finally being stopped. That fourth round varied
the content of the spam message slightly; instead of warning users not to visit
the StalkDaily site (which promptly infected them) or printing a "tweet"
with the word "Mikeyy" and an infected URL, the new message
reportedly read "Hire Mikeyy" followed by the young malware developer's
One person, at least, would probably not be inclined to hire Mooney.
"The worm introduced to Twitter this weekend was similar to the famous
Samy worm which spread across the popular MySpace social-networking site a
while back. At that time, MySpace filed a lawsuit against the virus creator
which resulted in a felony charge and sentencing," Biz Stone said in an
April 12 Twitter corporate blog post.
"Twitter takes security
very seriously and we will be following up on all fronts."
Stone added in the same posting, "We are still reviewing all the
details [and] cleaning up, and we remain on alert. Every time we battle an
attack, we evaluate our Web coding practices to learn how we can do better to
prevent them in the future."
Since its launch in 2006, Twitter has grown to host roughly 8 million users,
all posting 140-character microblog posts called "tweets." The
enterprise has recognized it as a potentially valuable tool, with Microsoft
sponsoring a Twitter-driven
site called ExecTweets
adding the site to its Service Cloud solution.
Twitter has also structured itself to become more competitive against
Facebook and Google
via a search function that allows users to see what topics are generating the
most online traffic. While scuttlebutt soon started that Twitter would be
bought out by Google, Stone
dismissed the acquisition rumors
by saying, "It should come as no
surprise that Twitter engages in discussions with other companies regularly and
on a variety of subjects."