WTF worm makes Twitterers declare goat lust
You want my brother, he's much bigger
Another malicious worm hit Twitter over the weekend, days after the micro-blogging site reached near-meltdown from a technically similar attack.
The miscreants behind the latest assault set up an attack page that exploited a CSRF vulnerability in Twitter so that victims who clicked on a link posted a crude message about their supposed fondness for sex with goats, as explained in a blog post by Sophos here.
Victims included celebrity blogger Robert Scoble, but far fewer people were affected than by the much bigger onMouseOver hack.
Twitter responded to the latest attack by disabling the link and, by late on Sunday, fixing the exploit that spawned the worm. The micro-blogging service is in the process of mopping up the remaining mess by purging the dodgy tweets from infected accounts, as explained in an update on Twitter's status page here. ®