Twitter was attacked with a StackDaily.com worm yesterday and that was done by a 17-year old boy who accepted it when the issue was totally resolved. The safest part was that the exploit did not include compromise of the passwords, but only the sessions of users were stolen for sometime and the boy promoted his site during that period.
Mikeyy Mooney, the person behind this said -
“I am the person who coded the XSS which then acted as a worm when it auto updated a users profile and status, which then infected other users who viewed their profile. I did this out of boredom, to be honest. I usually like to find vulnerabilities within websites and try not to cause too much damage, but start a worm or something to give the developers an insight on the problem and while doing so, promoting myself or my website.
I decided if I had site that followed the same functionality and simplicity as one of the most known sites on the web at the time then it would receive a lot of hits. While playing around and getting the site developed I started adding more features and tried to part myself from Twitter, while still giving it’s still compact nature and simple use.”
Only the sessions were encrypted and passwords were not played with, so it was not that harmful, but was still a matter of concern and the Twitter team was able to resolve that pretty fast.
[via]
Thanks for your the information’s.
Recently spamming form @PragueBob twitter a/c also suffered from it.
Thanks again for your tweet.
Huh I too got infected by that worm…..Dunno what to do ?
Thanks for this information, The twitter is growing like anything, But one thing should be keep in mind that, the people are more likely to disturb the momentum of growing network.
Thanks , I would be take care and make my friends know about this worm.
THIS GUY MUST FIND A GIRLFRRIND AS SOON AS POSSIBLE!