Twitter is finally clear of the weekend worm attacks that left the popular microblogging site, recently rumored to be in talks with Google over a potential acquisition, furiously scrubbing the malware from its system. The StalkDaily worm, which exploited a cross-site scripting vulnerability, was the creation of a bored 17-year-old.
Twitter is finally clear of a worm that hijacked user accounts and spread
spamlike messages reading "Mikeyy" throughout the microblogging
site's network.
Dubbed "StalkDaily," the Twitter worm unleashed four waves of attacks
against the service, in each case exploiting a cross-site scripting
vulnerability. The only goal of the malware seemed to be self-propagation; it
had been created by 17-year-old Michael "Mikeyy" Mooney, who
confessed that he had created the worm out of boredom.
Starting at 2 a.m. on April 11,
four Twitter accounts began spreading the worm. Security teams promptly began
"eliminating the vectors that could identify this worm," all while
securing an increasing number of propagating accounts.
By the end of the weekend, the security team had identified and deleted
nearly 10,000 "tweets" still seeking to spread the worm.
The fourth and final attack began late on the night of Sunday, April 12, and
continued into Monday before finally being stopped. That fourth round varied
the content of the spam message slightly; instead of warning users not to visit
the StalkDaily site (which promptly infected them) or printing a "tweet"
with the word "Mikeyy" and an infected URL, the new message
reportedly read "Hire Mikeyy" followed by the young malware developer's
phone number.
One person, at least, would probably not be inclined to hire Mooney.
"The worm introduced to Twitter this weekend was similar to the famous
Samy worm which spread across the popular MySpace social-networking site a
while back. At that time, MySpace filed a lawsuit against the virus creator
which resulted in a felony charge and sentencing," Biz Stone said in an
April 12 Twitter corporate blog post. "Twitter takes security
very seriously and we will be following up on all fronts."
Stone added in the same posting, "We are still reviewing all the
details [and] cleaning up, and we remain on alert. Every time we battle an
attack, we evaluate our Web coding practices to learn how we can do better to
prevent them in the future."
Since its launch in 2006, Twitter has grown to host roughly 8 million users,
all posting 140-character microblog posts called "tweets." The
enterprise has recognized it as a potentially valuable tool, with Microsoft
sponsoring a Twitter-driven site called ExecTweets and Salesforce.com
adding the site to its Service Cloud solution.
Twitter has also structured itself to become more competitive against
Facebook and Google via a search function that allows users to see what
topics are generating the most online traffic. While scuttlebutt soon
started that Twitter would be bought out by Google, Stone
dismissed the acquisition rumors by saying, "It should come as no
surprise that Twitter engages in discussions with other companies regularly and
on a variety of subjects."