Monday, April 20, 2009 2:31 PM
cmosby
Yet another Twitter worm – F-Secure Weblogs
Twitter, this sucks! Fix your coding.
Twitter Security Team Really? You need to be fired.
Horrible Coding!
@oprah - sup? welcome to twitter - mikeyy
@aplusk - hey, homo. - mikeyy
@souljaboyellem - your music sucks dude. - mikeyy
@TheEllenShow - hey baby, love me long time? - mikeyy
@StephenColbert - you funny. - mikeyy
@cnnbrk - he's back. ;) - mikeyy
@nytimes - yep, it's true. - mikeyy
Twitter, do you know about the before_save model callback? - mikeyy
This exploit only affects Internet Explorer users. Thanks. - mikeyy
Twitter, BeforeSave: ForEach: DataArray: EscapeHtmlCars!!! - mikeyy
Get Firefox, thanks. www.Firefox.com
Twitter, you should be paying me now. - mikeyy
Once a user views an already infected profile, they get infected as well. The name, location, website and bio all get changed to Mikeyy, and they start posting messages randomly picked from the list above.
The malicious script itself is downloaded from 74.200.253.195. Twitter is working on fixing the problem.
This happens on the same day as media reports that Michael Mooney got a job because he wrote the first Twitter worms. So if he did this one too, what was the motivation? To get an even better offer from someone else!? Stupid.
For now, stay away from looking at users' profiles. Also, Firefox and NoScript are a good combo.
Updated to add: Michael Mooney (Mikeyy) confesses to writing this latest worm as well.
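The post describes rewritten profile fields (name, location, website, bio) infecting anyone who views the profile, and the worm's own messages point at HTML-escaping those fields. The Ruby sketch below is an added example, not code from F-Secure or Twitter: it shows that class of bug beside an escaped rendering and a save-time check. The `Profile` struct, the function names and the sample values are all hypothetical.

```ruby
require 'erb'
require 'uri'

# Hypothetical profile record with the four fields the post says were rewritten.
Profile = Struct.new(:name, :location, :website, :bio)

# Before: fields are interpolated as-is, so markup stored in a field
# becomes part of the page for every visitor.
def render_unescaped(prof)
  "<h1>#{prof.name}</h1><p>#{prof.location}</p>" \
    "<a href=\"#{prof.website}\">web</a><p>#{prof.bio}</p>"
end

# HTML-escape & < > " ' so stored text can only ever render as text.
def h(text)
  ERB::Util.html_escape(text.to_s)
end

# Only absolute http(s) URLs with a host may become a link target.
def safe_url(raw)
  uri = URI.parse(raw.to_s.strip)
  return nil unless uri.is_a?(URI::HTTP) && !uri.host.to_s.empty?
  uri.to_s
rescue URI::InvalidURIError
  nil
end

# After: every field is escaped at output; an invalid website is dropped.
def render_escaped(prof)
  url = safe_url(prof.website)
  link = url ? "<a href=\"#{h(url)}\">web</a>" : ''
  "<h1>#{h(prof.name)}</h1><p>#{h(prof.location)}</p>#{link}<p>#{h(prof.bio)}</p>"
end

# Save-time check: which fields carry markup characters or an invalid URL.
def rejected_fields(prof)
  bad = %i[name location bio].select { |f| prof[f].to_s.match?(/[<>"]/) }
  bad << :website unless prof.website.to_s.empty? || safe_url(prof.website)
  bad
end

# Constructed sample input, not the worm's actual payload.
TAINTED = Profile.new(
  'Mikeyy', 'x',
  'http://example.invalid/"><script src="//example.invalid/x.js"></script>',
  '<script>alert(1)</script>'
)
CLEAN = Profile.new('Ann & Bob', 'Helsinki', 'https://example.invalid/', 'Hi')
```

Escaping at output is the control that matters here; the save-time check is a second layer that also gives defenders a simple signal for spotting tampered profiles.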