Twitter wrestles with fourth worm attack
Hints that it will take legal action against hackers
Computerworld - Another worm attack early Monday on Twitter kept the microblogging Web service chasing down infected accounts and deleting rogue tweets.
"Late Sunday night and into the wee hours of Monday we fought off a fourth attack," said Biz Stone, co-founder of Twitter, in an update to a blog post he originally published Sunday. "Once again, we secured the compromised accounts and deleted any material that would further propagate the worm."
The newest attack -- which followed a pair of worms Saturday and a third Sunday -- originated from a just-registered account labeled "cleaningUpMikey," said F-Secure Corp.'s chief research officer, Mikko Hypponen. Today's copycat worm infected account profiles of people who clicked on the sender's name or image in tweets like, "How TO remove new Mikeyy worm! RT!! http://bit.ly/yCL1S."
"A message like this is particularly nasty, as there were plenty of re-tweets of this malicious message sent by genuine users," Hypponen said in a blog post just minutes after Monday's attack began. "The bit.ly link got redirected back to Twitter, to user reberbrerber's profile & which would infect Twitter users who viewed it."
Twitter has since deleted the cleaningUpMikey account and the tweets it and other infected accounts spawned.
Also on Monday, Twitter again emphasized that while the worm attacks have been a nuisance, they haven't stolen any user account information. "No passwords, phone numbers, or other sensitive information were compromised as part of this renewed attack," the service's status page said early this morning.
Twitter has not responded to questions posed Sunday about the attacks, specifically about whether it had, or would, contact law enforcement officials. According to some reports, and his own Web site, teenager Michael "Mikeyy" Mooney took responsibility for the worms that circulated on Twitter over the weekend.
In his updated blog today, Stone hinted that the company would take legal action against the worms' creators. "The worm introduced to Twitter this weekend was similar to the famous Samy worm, which spread across the popular MySpace social-networking site a while back," Stone wrote. "At that time, MySpace filed a lawsuit against the virus creator, which resulted in a felony charge and sentencing. Twitter takes security very seriously and we will be following up on all fronts."
MySpace sued, and in January 2007 Kamkar pleaded guilty to a single felony count. He was sentenced to three years probation and 90 days of community service.
- 5 Twitter clients for Linux
- Twitter brings the data back in-house with Gnip buy
- Twitter crashed -- again -- on Tuesday
- Twitter's slipping user growth spooks investors
- Get ready to tweet your questions for Twitter's first earnings call
- Super Bowl sets Twitter record, as Volkswagen launches social war room
- Perspective: Twitter's success opens up IPO pipeline
- Update: Twitter goes public at $45 a share
- With IPO cash influx, Twitter could be bigger threat to Facebook
- Ahead of IPO, Twitter shines up multimedia image
Read more about Security in Computerworld's Security Topic Center.
- Warning: Cloud Data at Risk Experts agree that relying on SaaS vendors to backup and restore your data is dangerous. Yet that's exactly what huge portions of the...
- The Opportunities and Challenges of the Cloud In this report F5 poses questions to IDC analysts, Sally Hudson and Phil Hochmuth, on behalf of F5's customers to better understand the...
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- The Truth About Cloud Security "Security" is the number one issue holding business leaders back from the cloud. But does the reality match the perception?
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!