Feeds

Twitter riddled with worms and scams (again)

Who will stop the madness?

Top 5 reasons to deploy VMware with Tegile

Multiple new versions of the Mikeyy cross-site scripting worm spread across the Twitter micro-blogging network over the weekend.

The first in the latest batch of worms berated Twitter for poor security. Mikeyy Mooney, the VXer who got a job in security days after creating the first Twitter XSS worm over the Easter holiday weekend, has confessed to creating this worm too.

A second worm, which began spreading on Friday, referenced Twitter users with a large number of followers (such as @oprah, Oprah Winfrey, and @aplus, Ashton Kutcher) and came from compromised accounts that also referenced the increasingly annoying Mikeyy.

On Saturday (18 April) two more Mikeyy-type worms appeared, this time in the guise of Tweets from compromised accounts, featuring philosophical musings and the word "womp". The second worm of the day screwed with infected profiles, changing the title of the profile to "Mikey and the Mysterious Treqz", as explained in a blog posting by F-Secure here.

Twitter, not before time, suspended Mikeyy Mooney's profile over the weekend, and this might be be the 17 year-old's reaction, although this has not been confirmed.

Security researchers, who criticise Twitter for its apparent inability to de-worm its site, advise users to turn off scripting (or use Firefox extension NoScript) when viewing users' profiles in order to avoid getting caught out by the malware.

"Once again, Twitter is left looking amateurish in its response as it clearly hasn't properly hardened its systems from these kind of cross-site scripting attacks," writes Graham Cluley, senior security consultant at anti-virus firm Sophos.

Monday brought yet more security problems for Twitter with the spread of messages promoting TheSmartEcard.com, a site linked to online scams. Twitter itself describes the issue as a "scam/phishing" problem unrelated to malware. It adds that the messages were sent via compromised accounts, which it is in the process of suspending. ®

Internet Security Threat Report 2014

More from The Register

next story
UK smart meters arrive in 2020. Hackers have ALREADY found a flaw
Energy summit bods warned of free energy bonanza
DRUPAL-OPCALYPSE! Devs say best assume your CMS is owned
SQLi hole was hit hard, fast, and before most admins knew it needed patching
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Mozilla releases geolocating WiFi sniffer for Android
As if the civilians who never change access point passwords will ever opt out of this one
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.