Saturday, April 11, 2009

Twitter "StalkDaily Worm" (Updated)

Twitter is buzzing tonight with news of a fast spreading worm.

Here is a postmortem of what's being called the “StalkDaily Worm” by Damon Cortesi: "What’s happening here is that it looks like somebody realized they could save url encoded data to the profile URL field that would not be properly escaped when re-displayed. This is particularly nasty because you could get infected simply by viewing somebody’s profile page on Twitter that was already infected. If you visited an infected profile, the JavaScript in the profile would execute and by doing so tweet the misleading link, and update your profile with the same malicious JavaScript thereby infecting anybody that then visits your profile on"

The Twitter security team has deployed a patch to stop the worm.
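The bug class Cortesi describes is a stored XSS: a profile field is written into the page without escaping, so whatever the attacker saved becomes live HTML for every viewer. The following is an added illustration, not Twitter's code or its actual patch. It shows a vulnerable profile renderer beside a hardened one; the stored field value, the function names and the use of a benign `<b>` tag in place of the worm's script are all constructed for this example.

```javascript
// Added example (not Twitter's code): the stored-XSS pattern from the
// postmortem, a profile URL field interpolated into HTML unescaped, next to
// a renderer that validates the URL scheme and escapes for HTML contexts.

// Constructed sample of what an attacker could have stored in the "URL"
// field once the server URL-decoded it. A benign <b> tag stands in for the
// worm's script so the rendered output is easy to inspect.
const STORED_URL_FIELD = 'http://example.test/"><b>injected</b><a href="';

// Vulnerable: the raw value is dropped into an href attribute, so the first
// double quote closes the attribute and the rest is parsed as markup by the
// browser of anyone who views the profile.
function renderProfileUnsafe(urlField) {
  return `<a href="${urlField}">${urlField}</a>`;
}

// Escape the five characters that change meaning in HTML text and
// double- or single-quoted attribute values.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Escaping alone does not make an href safe: a value such as
// "javascript:..." is a valid attribute with no special characters at all.
// Parse the URL and allow only http and https.
function isSafeHttpUrl(s) {
  try {
    const u = new URL(String(s));
    return u.protocol === 'http:' || u.protocol === 'https:';
  } catch (e) {
    return false; // unparseable input is rejected, not rendered
  }
}

// Hardened: reject unexpected schemes, then escape the value for both the
// attribute context and the link-text context.
function renderProfileSafe(urlField) {
  if (!isSafeHttpUrl(urlField)) {
    return '<span class="no-url"></span>';
  }
  const esc = escapeHtml(urlField);
  return `<a href="${esc}" rel="nofollow">${esc}</a>`;
}

// Quick self-check when run directly: the unsafe output carries live markup,
// the safe output carries only entity-encoded text.
if (typeof require !== 'undefined' && require.main === module) {
  console.log(renderProfileUnsafe(STORED_URL_FIELD));
  console.log(renderProfileSafe(STORED_URL_FIELD));
}
```

The two checks are deliberately separate: output encoding neutralises characters that would break out of the attribute, while scheme validation handles values that never needed to break out in the first place. Server-side, the same rule applies at the point where the field is decoded and stored; decoding user input and then trusting it on output is exactly the sequence the postmortem describes.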

Update: F-Secure has a great update including screenshots.
Another Update: Mikeyy Mooney, the 17-year-old creator of claims responsibility for the worm. (Yes he spells his name with two y's).
Yet Another Update:
Twitter Mikeyy Hack - How to fix & avoid