Twitter is finally clear of a worm that hijacked user accounts and spread spamlike messages reading “Mikeyy” throughout the microblogging site’s network.
Dubbed “StalkDaily,” the Twitter worm unleashed four waves of attacks against the service, in each case exploiting a cross-site scripting vulnerability. The only goal of the malware seemed to be self-propagation; it had been created by 17-year-old Michael “Mikeyy” Mooney, who confessed that he had created the worm out of boredom.
Starting at 2 a.m. on April 11, four Twitter accounts began spreading the worm. Security teams promptly began “eliminating the vectors that could identify this worm,” all while securing an increasing number of propagating accounts.
By the end of the weekend, the security team had identified and deleted nearly 10,000 “tweets” seeking to still spread the worm.
The fourth and final attack began late on the night of Sunday, April 12, and continued into Monday before finally being stopped. That fourth round varied the content of the spam message slightly; instead of warning users not to visit the StalkDaily site (which promptly infected them) or printing a “tweet” with the word “Mikeyy” and an infected URL, the new message reportedly read “Hire Mikeyy” followed by the young malware developer’s phone number.
One person, at least, would probably not be inclined to hire Mooney.
“The worm introduced to Twitter this weekend was similar to the famous Samy worm which spread across the popular MySpace social-networking site a while back. At that time, MySpace filed a lawsuit against the virus creator which resulted in a felony charge and sentencing,” Biz Stone said in an April 12 Twitter corporate blog post. “Twitter takes security very seriously and we will be following up on all fronts.”
Stone added in the same posting, “We are still reviewing all the details [and] cleaning up, and we remain on alert. Every time we battle an attack, we evaluate our Web coding practices to learn how we can do better to prevent them in the future.”
Since its launch in 2006, Twitter has grown to host roughly 8 million users, all posting 140-character microblog posts called “tweets.” The enterprise has recognized it as a potentially valuable tool, with Microsoft sponsoring a Twitter-driven site called ExecTweets and Salesforce.com adding the site to its Service Cloud solution.
Twitter has also structured itself to become more competitive against Facebook and Google via a search function that allows users to see what topics are generating the most online traffic. While scuttlebutt soon started that Twitter would be bought out by Google, Stone dismissed the acquisition rumors by saying, “It should come as no surprise that Twitter engages in discussions with other companies regularly and on a variety of subjects.”