Twitter Hit With Four Worms Over Weekend
The Twitter techs responded, and by 11 A.M. PDT on Saturday morning, they had things under control. Twitter reports that about only 90 accounts were affected. A few hours later, a second version of the worm started to make its appearance, and this time about 100 accounts were infected before the Twitter techs could nip it in the bud. This iteration took advantage of a different field in the Twitter profiles.
All seemed fine until a third variant of the worm starting making the rounds on Sunday morning; this time the worm was dubbed "mikeyy" because the infected tweet included a message from someone identifying himself as "mikeyy." Once again, the Twitter techs went to work and eventually wrestled the worm into submission: "All told, we identified and deleted almost 10,000 tweets that could have continued to spread the worm."
Of course, the onslaught was far from over: A fourth iteration of the worm started making its rounds this morning. The Twitter response team is again addressing the issue. Infected accounts are tweeting the message: "This worm is getting out of hand Twitter. - Mikeyy."
As to who is behind the worm, CNET News reports that a Brooklyn teenager, Michael "Mikeyy" Mooney, is the culprit--at least for the first two worms. Mooney created a micro-blogging site similar to Twitter, and used the Twitter worms as a way to promote his site. It is unclear at this point if Mooney is also responsible for the third and fourth variants, or if someone else used Mooney's techniques to exploit furhter vulnerabilities. At press time, the StalkDaily.com site is down and only displays a short message that says: "StalkDaily is currently undergoing redevelopment. Stay tuned guys. :) Regards, Mikeyy."
On the Twitter blog, Twitter claims that "no passwords, phone numbers, or other sensitive information was compromised as part of these attacks." The blog also states:
"The worm introduced to Twitter this weekend was similar to the famous Samy worm which spread across the popular MySpace social-networking site a while back. At that time, MySpace filed a lawsuit against the virus creator which resulted in a felony charge and sentencing. Twitter takes security very seriously and we will be following up on all fronts."