Twit's Get Tweated Cause Someone Cheated - Twitter Worm

From F-Secure's Website:  Twitter worm outbreak over Easter due to Stalk Daily Publicity Stunt?

A cross-site scripting worm was spreading in Twitter profiles for several hours last night.

People started reporting that their profile had sent Twitter messages without their knowledge. Messages looked like this:




Later on the messages morphed several times:



Many people followed the links to stalkdaily.com, as they believe the messages to be genuine Tweets from their friends. A cross-site script on the site then caused new users to start to Tweet the same messages.


More info on the technical internals of the attack are available at dcortesi.com.

As expected, the whole worm was a publicity stunt by stalkdaily.com.

You can see the latest official status of Twitter from their status page at status.twitter.com



We detect the script file as Worm:JS/Twettir.A.

Updated to add: This is not over. There's going to be quite a few modified Twitter worms for a day or two. Be careful in Twitter, don't view profiles, don't follow links. It's beautiful outside, maybe go for a walk instead?

Here's one current variant:



All these attacks are Javascript-based. Turn Javascript off if you're worried. More info here.  Editor's Note: If you turn off JavaScript, you won't get a popup floating PIN Pad!

Twitter Worm, Twitter, F-Secure, StalkDaily

Related articles

• Twitter Vulnerability: Mutating Fast and More on the Way (readwriteweb.com)
• 500,000 Websites Hit by SQL Injection in '08 (pindebit.blogspot.com)
• Twitter Worm Could Take Over Your Computer (in Theory) (readwriteweb.com)
• Hacker site claims breach of third security firm Web site in a week (news.cnet.com)