Twitter has posted an update on went occurred from their perspective. In summary, it appears that they have had to deal with three rounds of malicious attacks, they identified and deleted almost 10,000 tweets in total that could have potentially spread the worm.
It looks like they may be taking legal action, just as MySpace did when a similar worm was unleashed.
Created by the same 17 year old StalkDaily developer Mikey Mooney, the worm apparently uses the same method of infiltration – one which Twitter had supposedly fixed.
Similarly, this worm infiltrates Twitter profiles and posts status messages such as:
Man, Twitter can’t fix sh*t. Mikeyy owns.
Dude, Mikeyy is the sh*t!
Twitter should really fix this…
As we mentioned earlier, Mikeyy appears to be doing this primarily out of boredom. In an email he states:
“I am the person who coded the XSS which then acted as a worm when it auto updated a users profile and status, which then infected other users who viewed their profile. I did this out of boredom, to be honest. I usually like to find vulnerabilities within websites and try not to cause too much damage, but start a worm or something to give the developers an insight on the problem and while doing so, promoting myself or my website.”
To keep yourself safe, you are advised to:
4.get pword reset
5. Clear Cache
6. Try not to visit Twitter profiles (use a 3rd party app)