
Forum Moderators: rogerd

Worm Infected Twitter User Accounts

   
11:52 am on Apr 14, 2009 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



Worm Infected Twitter User Accounts [news.bbc.co.uk]
Twitter has been given the all clear after a worm infected "tens of thousands of users". But experts say the attack could have been much worse.

Over the weekend, a self-replicating computer program, or worm, began to infect profiles on the social network.

The worm was set up to promote a Twitter rival site, showing unwanted messages on infected user accounts.

4:42 pm on Apr 14, 2009 (gmt 0)

10+ Year Member



Apparently part of the reason this spread so far was because it depended on people clicking on shortened URLs. They're standard on Twitter to keep addresses within the character limit, but they also mean it's impossible to guess whether the URL looks suspicious.

5:36 pm on Apr 14, 2009 (gmt 0)

WebmasterWorld Senior Member pageoneresults is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Apparently part of the reason this spread so far was because it depended on people clicking on shortened URLs. They're standard on Twitter to keep addresses within the character limit, but they also mean it's impossible to guess whether the URL looks suspicious.

More information from Twitter here...

Twitter Blog: Wily Weekend Worms
[blog.twitter.com...]

There were not many accounts affected but the infection caused some performance issues within the machine. There have been a total of 4 attacks since it started and each time Twitter has been quick to respond.

According to Twitter, no passwords were compromised but they do suggest you change them just in case. It is not like Twitter is the most secure platform out there. You pass your login credentials across http if you don't pay close attention to where you are logging in from. I'm not sure if this is an oversight or that is just the way it works. That whole give up username/password is rampant in Social Media. People give it up freely over an http connection and to websites that have no information about privacy, security, etc. Scary.

Did you mention URI Shorteners? Those are the nemesis of Domain Brand Existence. RIP as soon as possible.

1:42 pm on Apr 15, 2009 (gmt 0)

10+ Year Member



Yeah, shorteners such as tinyurl etc.

The worst part is that Twitter automatically converts addresses to a shortened version even when the full address fits within the character limit. Why? What's the point of that?

2:14 pm on Apr 15, 2009 (gmt 0)

WebmasterWorld Senior Member pageoneresults is a WebmasterWorld Top Contributor of All Time 10+ Year Member



The worst part is that Twitter automatically converts addresses to a shortened version even when the full address fits within the character limit. Why? What's the point of that?

That would be a misnomer. Those who have watched me on Twitter will tell you that the 30 character limit for URIs is not correct. In fact, I've been able to get a 76 character URI to non convert. I'd say that 99% of my Tweets now contain unconverted URIs if the destination URI is less than 70 characters and doesn't contain any funky separators like underscores. URIs with underscores have a 98% conversion rate, the damn things just won't work. ;)

I put out a public proposal at the beginning of March for Twitter to do their own shortening. They use TinyURL which is 7 characters and Twitter is 7 characters. I never quite understood why Twitter would not have done their own as they would have surely kept some brand identity for themselves. I think Digg read that and ran with it. :)

URI Shortening Services are on their way out. They are bad for the Internet and all things marketing. I guess we have the creator of Title Slugs to thank for many of the URIs out there that can't be sent without conversion. Smart move!

3:17 pm on Apr 15, 2009 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



Here's How to Keep Safe [pcworld.com]
The worm, appearing as "" or "StalkDaily", was created by the 17-year-old Mike Mooney "out of boredom" and is now generating thousands of spam messages containing the word "Mikeyy." This is the fourth attack by the worm in the last four days, which sends Twitter messages from infected accounts, without the owners' knowledge.

How to keep safe from Mikeyy

First of all, experts advise Twitter users not to click on any links from messages containing the words "Mikeyy" or "Stalkdaily." It is recommended you use third-party Twitter desktop clients like Twhirl or TweetDeck (both PC and Mac) and that you do not use the Web-based version of Twitter, especially for viewing user profiles (as this is where the attack seems to originate).

As an additional security measure, you can disable JavaScript in your browser. Firefox users can use the no-script add-on, which stops any unwanted scripts from running.

1:02 pm on Apr 16, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Every professional web builder knows not to display unescaped user input in an HTML page. But over at Twitter they allowed users to enter <script> into their bio AND sent it out unfiltered, unescaped. Jeez.

Then they figured out how to escape < and >, but in sheer panic escaped them twice, ending up with messy stuff like &amp;gt; in the HTML source which would be rendered as &gt; to the user.

I'm still seeing that right now, so they either haven't noticed or fixed it yet.

I like Twitter, like it a lot actually. But this worm thing was so easy to prevent.
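
The two failures described in the post above (a bio sent out unescaped, then escaped twice), shown next to the fix, as an added example that is not part of the original thread and is not Twitter's code. All function names and the sample bio are constructed for illustration.

```javascript
// Added example: every name here is hypothetical, the sample bio is constructed.
const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
const DECODE = { amp: '&', lt: '<', gt: '>', quot: '"', '#39': "'" };

// Escape the characters that are significant in HTML text and quoted attributes.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// The "before": the bio is concatenated into the page as-is, so any markup
// a user typed into the bio becomes live markup for every visitor.
function renderBioUnsafe(bio) {
  return '<p class="bio">' + bio + '</p>';
}

// The fix: keep the bio raw in storage and escape exactly once, at output.
function renderBio(bio) {
  return '<p class="bio">' + escapeHtml(bio) + '</p>';
}

// The over-correction: escaped when saved AND again when rendered.
function renderBioDoubleEscaped(bio) {
  const stored = escapeHtml(bio);   // first pass, on save
  return renderBio(stored);         // second pass, on render
}

// Decode one level of entities in a single pass, approximating what a
// browser shows the reader for text content.
function decodeOnce(text) {
  return text.replace(/&(amp|lt|gt|quot|#39);/g, (m, name) => DECODE[name]);
}

// Constructed sample bio containing markup a user might type.
const sampleBio = 'I <3 code <script>/* constructed sample */</script>';

console.log(renderBioUnsafe(sampleBio));        // script tag reaches the page intact
console.log(renderBio(sampleBio));              // script tag is inert text
console.log(renderBioDoubleEscaped('a > b'));   // source contains &amp;gt;
console.log(decodeOnce('a &amp;gt; b'));        // reader sees the literal text &gt;
```

Escaping once at output round-trips: what the reader sees after the browser decodes the page is exactly what the user typed, and none of it is parsed as markup.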
