ICSA Labs on Twitter Worm
Posted on 13.04.2009
Andy Hayter, Anti-Malcode Program Manager at ICSA Labs, has put together some brief facts about the Twitter worm.
  • The Twitter worm that began to spread on Easter Sunday is a cross-site scripting worm that spreads in Twitter profiles.
  • During the first outbreak, Twitter users will receive unsolicited messages with the URL www.stalkdaily.com in the subject. DO NOT GO TO THAT WEB SITE! The second outbreak, which started later on Sunday, contained the phrase “Mikeyy” or “mikey” in it.
  • The third version of the attack uses “bit.ly” to add shortened URLs to a message that reads something like “How to remove new Mikeyy worm! RTM!!”
  • All the attacks are Javascript-based. TURN OFF JAVASCRIPT in your browser if you are worried.
  • The following Web site has steps for turning off Javascript in the popular Web browsers: http://www.tucows.com/article/1690
  • The only effect of this worm at the moment is to modify a person’s Twitter profile.
  • Malware researchers are still investigating this worm. Twitter has taken action on its end to mitigate the problem.
  • The best advice is to repeat point #5 – TURN OFF JAVASCRIPT. Utilities such as NOSCRIPT for Firefox allow you to view Javascript prior to execution and allow safe sites only.





Spotlight

Whitepaper: Zero Trust approach to network security

Posted on 20 November 2014.  |  Zero Trust is an alternative security model that addresses the shortcomings of failing perimeter-centric strategies by removing the assumption of trust.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Nov 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //