Worm created by bored teen still torments Twitter users

The malicious worm affecting Twitter over the weekend has now mutated and continues to invade the popular microblogging network.

Although Twitter is taking action against the problem, security analysts fear that further mutations of the worm will continue to wreak havoc on the network over the week.

Related stories:

Use Twitter smartly and safely for work n’ play

How to choose the best and most secure Web browser

User education key to IT security: Microsoft

The worm, appearing as “Mikeyy” or “StalkDaily”, was created by the 17-year-old Mike Mooney “out of boredom” and is now generating thousands of spam messages containing the word “Mikeyy.”

This is the fourth attack by the worm in the last four days, which sends Twitter messages from infected accounts, without the owners’ knowledge.

How to keep safe from Mikeyy

First of all, experts advise Twitter users not to click on any links from messages containing the words “Mikeyy” or “Stalkdaily.”

It is recommended you use third-party Twitter desktop clients like Twhirl or TweetDeck (both PC and Mac) and that you do not use the Web-based version of Twitter, especially for viewing user profiles (as this is where the attack seems to originate).

As an additional security measure, you can disable JavaScript in your browser. Firefox users can use the no-script add-on, which stops any unwanted scripts from running.

How to remove Mikeyy

If you’ve noticed any suspicious activity from your profile that includes the words above, then most certainly you’re infected. It is very important for users not to retweet (RT) any of the fake messages.

Clear your browser cache and turn off JavaScript. Log into Twitter and delete any messages your profile automatically posted that contain the word “Mikeyy”.

You can turn JavaScript back on so you change your bio and URL, and reset your color scheme from your profile.

Additionally, changing your password could be a safe measure.

After all the steps above were completed, log out of your account and you can continue using Twitter via a desktop client.

The worm — introduced to Twitter over the weekend –resembled the notorious famous Samy worm that spread across the MySpace social-networking site a while back.

A lawsuit was filed by MySpace against the worm’s creator, Samy Kamkar. Following his plea agreement, to a felony charge in January 2007, Kamkar was sentenced to three years probation, 90 days community service and an undisclosed amount of restitution.

Lessons learned

In a blog post on Sunday, Twitter co-founder and creative director, Isaac “Biz” Stone hinted at similar action against the perpetrator of StalkDaily.

“Twitter takes security very seriously and we will be following up on all fronts,” he said.

Up until the wee hours of Monday morning, four separate waves of the worm attack hit Twitter, Stone said in his blog.

He recounted some of the steps being taken by the Twitter security team to identify and secure compromised accounts from Saturday onwards. These include:

  • Eliminating the vectors that could identify the worm
  • Identifying and deleting malicious content that could work to further spread the worm.
  • Removing any content that might help spread the worm. “All told,” he said, Twitter security folk identified and deleted almost 10,000 tweets that could have continued to propagate the worm.

A learning experience

Harrowing while this attack may have been, it’s been a valuable learning experience for folk the Twitter.

“Every time we battle an attack, we evaluate our Web coding practices to learn how we can do better to prevent them in the future,” Stone noted.

He promised a “full review” of the weekend activities covering everything — how the attack happened, how Twitter security reacted, and the preventive measures introduced.

“In addition to making Twitter stronger and more secure, we will share the information we have learned with our friends at other popular Web based services so they can make sure they have the right systems in place for dealing with the same kind of malicious activity,” the Twitter co-founder said.

Source: PCWorld.com

Share on LinkedIn Share with Google+