Mikey Mooney, author of the Twitter worm, released another one Saturday night, according to security software firm F-Secure.
After the first round of Twitter worms he created a week ago Mikeyy, as he was known on Twitter, said he did it out of boredom, but that he wouldn’t be upset to get a job out of the whole episode. Before very long he actually did get hired by exqSoft Solutions, a custom Web applications development company. He also got hacked, revealing many of his usernames and passwords among other details.
Was that enough for Mikeyy? It would seem not, according to F-Secure. I’m not sure how they know he’s actually doing it and not someone using his name, but it looks like a new variant of the Mikeyy worm is out. The name of the user’s bio is changed to “Mikeyy” and the title of the profile to “Mikey and the Mysterious Treqz.” The variant also runs some hostile scripts that appear still to be up as of Monday morning.
It then sends out these, and more messages:
- Be nice to your kids. They’ll choose your nursing home. Womp. mikeyy.
- If you are born ugly blame your parents, if you died ugly blame your doctor. Womp. mikeyy.
- Every man should marry. After all, happiness is not the only thing in life. Womp. mikeyy.
At the same time Trend Micro is reporting that other malicious actors are taking advantage of public interest in Twitter worms to spread malicious links.
Google searches for “Twitter worm” and “Mikeyy” are being poisoned with links to malicious software. Their analysis indicates that the malware causes a series of downloader programs to execute, which then download and install further malware.
Other reports, such as this one on Mashable, indicate that Mikeyy, or a Mikeyy-like worm, is sending messages to celebrities. This shows one way that the phenomenon could get much worse: by getting a very popular user like Oprah or Lance Armstrong infected. Some popular users have hundreds of thousands of followers, and such an infection would be a serious crisis for Twitter.
Once again, if you see one of these messages, don’t click on the profile or any links in the message. It’s also probably a good idea to use a third-party Twitter app than the Website now, although that’s no guarantee of safety.
Security CenterEditor Larry Seltzer has worked in and written about the computer industry since 1983.