Save over 40% when you secure your tickets today to TNW Conference 💥 Prices will increase on November 22 →

This article was published on April 12, 2009

17 year old creator of StalkDaily Twitter worm comes clean. “I am behind this attack.”


17 year old creator of StalkDaily Twitter worm comes clean. “I am behind this attack.”

twitter-logo-small1Last night, Twitter was in a state in panic over a ‘worm’ that had exploited the site. Unlike previous bugs which required you click a link of some sort, users could be affected by simply visiting someone else’s profile.

The ‘worm’, stemmed from an apparently twitter-like called StalkDaily, infecting Twitter profiles and status updates directing people to StalkDaily. Throughout the entire event, the StalkDaily site maintained no involvement – today, we learn that was clearly a lie.

The idiot comes clean.

The 17 year old, Brooklyn based owner of StalkDaily, has admitted responsibility for the Twitter worm. In an email to BNO News, the site behind twitter account BreakingNewsOn, Mooney said:

“I am the person who coded the XSS which then acted as a worm when it auto updated a users profile and status, which then infected other users who viewed their profile. I did this out of boredom, to be honest. I usually like to find vulnerabilities within websites and try not to cause too much damage, but start a worm or something to give the developers an insight on the problem and while doing so, promoting myself or my website.”

Whilst developing the site he learnt more and more about how Twitter worked, using that knowledge to exploit the service and direct people to his own site.

picture-132

According to social media blog Mashable (who covered the story wonderfully), Mooney was able to exploit the site by apparently making use of Twitter’s bio section. Inserting a script, creating multiple alternate Twitter profiles and having people visit those specific profiles would spread the worm fast across the network.

Twitter takes action

Twitter did eventually announce they had ‘closed the hole’ to stop the the spread of the various links and status updates. They made clear no passwords, phone numbers, or other sensitive information were compromised as part of this attack. No apparent apology however.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with