Slashdot Mirror

← Back to Stories (view on slashdot.org)

Twitter Gets Slammed By the StalkDaily XSS Worm

Posted by Soulskill on from the tweety-bird-gets-the-worm dept.

CurtMonash writes "Twitter was hit Saturday by a worm that caused victims' accounts to tweet favorably about the StalkDaily website. Infection occurred when one went to the profile page of a compromised account, and was largely spread by the kind of follower spam more commonly used by multi-level marketers. Apparently the worm was an XSS attack, exploiting a vulnerability created in a recent Twitter update that introduced support for OAuth, and it was created by the 17-year-old owner of the StalkDaily website. More information can be found in the comment thread to a Network World post I put up detailing the attack, or in the post itself. By evening, Twitter claimed to have closed the security hole."

11 of 145 comments (clear)

  1. To hire or to jail, that is the question by BadAnalogyGuy · · Score: 5, Funny

    A 17 year old is old enough to understand the ramifications of his actions to a reasonable extent. He no doubt understood that releasing a worm like that would be met with an unfavorable reaction. But he did it anyway. In this sense, he is a potential menace to the Internet.

    However, he is still in his formative years. His abilities could be nurtured in productive directions and we could have the next Edward Dijkstra in the making.

    So do we punish him and turn him to the Dark Side? Or do we show him love and respect and turn him? There is still good in him. I can feel it.

    1. Re:To hire or to jail, that is the question by moderatorrater · · Score: 2, Funny

      RT: @rs79 "I say anything that slows down the spread of those fucking annoying twitter people is a good thing and he should be awarded a medal.

      Tweet this, bitch."

  2. Clearly he should be made to by Colin+Smith · · Score: 2, Funny

    Go and manually run anti virus software on every infected PC.

     

    --
    Deleted
  3. Re:author found. Now what? by berend+botje · · Score: 4, Funny

    Hang him, I'd say.

  4. Re:I saw this. by sakdoctor · · Score: 4, Funny

    You have used the verb "tweeted".
    Ninjas have been dispatched to your location, to make sure you don't do it again.

  5. Re:author found. Now what? by jrothwell97 · · Score: 2, Funny

    Drop him into the jaws of the Great Whale of Fail, while forcing him to follow Robert Scoble and Bill O'Reilly.

    --
    Those using pirated Tinysoft signatures(TM) are a real threat to society and should all be thrown in jail.
  6. Ob. Penny Arcade by slushdork · · Score: 2, Funny

    Le Twittre - pretty much says it all...

  7. Re:author found. Now what? by morgan_greywolf · · Score: 5, Funny

    I tried, but they closed down the Microsoft Pub.

    --
    My blog
  8. Spell Twitter by wfstanle · · Score: 3, Funny

    Remember, you can't spell "Twitter" without using the word "twit".

  9. Re:author found. Now what? by Ihmhi · · Score: 2, Funny

    Don't worry, the Linux pub is better. The beer is free, and you can get a copy of the beer's recipe anytime you like!

    --
    Random Thoughts From A Diseased Mind (Not For Dummies)
  10. Re:author found. Now what? by Anonymous Coward · · Score: 5, Funny

    Yeah, but if you ask for a beer the bartender calls you a N00B and if you ask what beers are available he tells you to RTFMenu.