New Twitter Worm - Outbreak during Easter - Security Protection

Common Tasks

Community

Email Notifications

Personal Links

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

New Twitter Worm - Outbreak during Easter

F-Secure reports that the new Twitter worm is designed to infect as many folks as possible in spreading without a damaging payload. The capability to harm systems could change and hopefully these attacks will be stopped. For protection, update AV signatures and avoid any message containing the keyword "Stalkdaily" (and don't go to the website) as noted below.

Ongoing problems at Twitter
http://www.f-secure.com/weblog/archives/00001654.html

Twitter Worm Outbreak during Easter
http://www.f-secure.com/weblog/archives/00001653.html

QUOTE: Twitter administrators don't seem to be able to shut down the various XSS / CSRF worms that have been plaguing the service over the weekend. The actual problems to end users haven't been devastating - so far. Most of the Twitter worms simply modify people's profiles to infect more users. However, attacks like these could be much worse if the attackers would incorporate nastier attacks, such as browser exploits.

Wily Weekend Worms
http://blog.twitter.com/2009/04/wily-weekend-worms.html

QUOTE: On a weekend normally reserved for bunnies, a worm took center stage. A computer worm is a self-replicating computer program sometimes introduced by folks with malicious intent to do some harm to a network. Please note that no passwords, phone numbers, or other sensitive information was compromised as part of these attacks.

McAfee - Twettir Worm (move to DAT 5583)
http://vil.nai.com/vil/content/v_154580.htm

QUOTE: S/Twettir is the detection for a JavaScript that exploits a cross site scripting vulnerability in Twitter to infect other user profiles. This worm sends messages to all contacts containing any of the following strings:

AVOID THESE MESSAGES

* Dude, www.StalkDaily.com is awesome. What's the fuss?
* Join www.StalkDaily.com everyone!
* Woooo, www.StalkDaily.com :)
* Virus!? What? www.StalkDaily.com is legit!
* Wow...www.StalkDaily.com
* @twitter www.StalkDaily.com
* Twitter has been hacked !!!
* Twitter worm, read here
* StalkDaily worm on Twitter, more info
* HOWTO: Remove StalkDaily.com Auto-Tweets From Your Infected Twitter Profile | Twittercism
* #Stalkdaily virus runs riots on twitter. Learn how to remove it

Posted: Apr 13 2009, 01:20 PM by Harry Waldron | with 2 comment(s)

Comments

www.imatica.org Països Catalans said:

Un virus que es replicava sol, anomenat "cuc" en l’argot informàtic, va atacar el popular lloc Twitter aquest passat cap de setmana (dies 11 i 12). El cuc no va provocar cap dany, tret de la infecció d’un nombre indeterminat

# April 22, 2009 2:33 AM

iMatica España y Latinoamérica said:

Un virus que se replicaba sólo, llamado "gusano" en la jerga informática, atacó el popular sitio Twitter este pasado fin de semana (días 11 y 12). El gusano no provocó ningún daño, excepto la

# April 22, 2009 2:36 AM

Questions? Contact Susan at Susan-at-msmvps.com. Each post's copyright held by the original author. All rights reserved. Blog site is an independent site not sponsored by Microsoft.
Our servers would like to thank www.ownwebnow.com and www.exchangedefender.com. We wouldn't be here without the generosity of Vlad Mazek and his companies.

Powered by Community Server (Commercial Edition), by Telligent Systems

Theme based on the Paperclip Blog Theme included in Community Server.
Enhanced to a Site-Wide Theme by Interscape Technologies.