Twitter worm spreading malicious links?
Posted on 07.12.2010
A new Twitter worm seems to be burrowing its way across the service, apparently forcing mobile Twitter users to retweet a shortened link which they clicked on themselves.

So far, there are two versions of the link ( and, but there are likely to be more. The worm piqued the curiosity of many users, since the message containing the link contains nothing else - no explanation, no hint:

The Next Web used a tool that lets users check where the shortened link will take them before they click on it, and it turns out that the destination is, a legitimate but compromised site of a French furniture company.

"The bit after the slash of course redirects to various exe or php files on several other domains (e.g. or then results in a 404 for that file. But at the source for that page and its empty," said a commenter to the site.

Whether these sites are meant to serve malware is not yet clear, but the real issue here is that they might, so Twitter needs to find out soon how this worm spreads and stop it in order to prevent further mischief.

Were aware and have sent out password resets for affected users. Well monitor the situation in case of further iterations, stated Twitter representative Troy Holden to TechCrunch in the meantime.

A third instance of usage of a shortened link has been also spotted, and it's not yet clear if there is any connection with the worm. This time, the message contains more than just a link - it advertises a service to track "who follows and unfollows you".

In any case, for the time being, it's best to avoid clicking on these and similar links - especially if you're checking your account via your cell phone.


10 practical security tips for DevOps

By working with the DevOps team, you can ensure that the production environment is more predictable, auditable and more secure than before. The key is to integrate your security requirements into the DevOps pipeline.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Mar 31st