Slashdot Mirror

← Back to Stories (view on slashdot.org)

Twitter Hit With Second Worm In a Week

Posted by CmdrTaco on from the security-is-hard dept.

adeelarshad82 writes "Days after a site update unleashed a Twitter cross-site scripting attack, the micro-blogging site was again hit with a bug that spread via questionable links. The offending messages appeared on a user's Twitter feed with 'WTF:' followed by a link. If you clicked on that link, you were taken to a blank page, but behind the scenes, the worm would post vulgar messages on your account that discussed, well, sex involving goats."

10 of 97 comments (clear)

  1. Goatse Worm? by WrongSizeGlass · · Score: 3, Insightful

    It's no surprise that you could get worms from having sex, well, with goats.

  2. Re:Great - more 4Chan? by Dancindan84 · · Score: 2, Insightful

    You have to use twitter and be the type of person who clicks on questionable links without regard. This worm sounds like watching Darwinism in action in the digital age.

    --
    "Always forgive your enemies; nothing annoys them so much." - Oscar Wilde
  3. Re:Call me hysterical if you will... by neumayr · · Score: 2, Insightful

    Hehe, good choice. But please be aware that you have no idea of knowing how much of my code you're already running ;P

    --
    Truth arises more readily from error than from confusion. -Francis Bacon
  4. Re:Great - more 4Chan? by amicusNYCL · · Score: 4, Insightful

    You have to use twitter and be the type of person who clicks on questionable links without regard.

    Which of these links is "questionable":

    http://tinyurl.com/2tx
    http://bit.ly/heezy
    http://xrl.us/bh2p3m

    That's what all of the links on Twitter look like, which are OK and which are questionable? How does one distinguish?

    --
    "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
  5. Re:Great - more 4Chan? by Dancindan84 · · Score: 5, Insightful

    All of them. I don't click on shortened URLs. Nor should anyone who isn't a Rick Astley or Goatse fan.

    --
    "Always forgive your enemies; nothing annoys them so much." - Oscar Wilde
  6. Re:I guess this script is baaaad for you. by miffo.swe · · Score: 3, Insightful

    The fucking point of the internet is klicking on links. Playing whack a mole with stuff like antivirus, antispam, antiwhatever suggests your operating system is broken. If you have to verify every damn link you could as well just go for chess by physical mail and penpals instead of the internet.

    The user uses the internet as intended, the developers, not so much.

    --
    HTTP/1.1 400
  7. Re:I guess this script is baaaad for you. by Anonymous Coward · · Score: 3, Insightful

    So you're saying that every single time a friend posts a link, you phone or email them and ask if you actually posted a link, and want a description of the page linked to?

    Wow... you're a douche. If you were my friend, I'd have long since put you into a group that can't see my updates, or just de-friended you altogether.

  8. Re:The early bird... by _PimpDaddy7_ · · Score: 1, Insightful

    OMG, I gotta retweet that!

    -Tweet Tweet!

  9. The Revolution by Beelzebud · · Score: 1, Insightful

    Will not be Tweeted.

  10. Re:Great - more 4Chan? by Dancindan84 · · Score: 2, Insightful

    So people send a URL to a shortening service and receive a shortened URL they can post/send to me, and I can use a GreaseMonkey script that contacts the service and caches results to decode that shortened URL into the original URL they shortened... I understand we're not in the days of memory being measured in KB or 9600 baud modems, but this is retarded. Most phones aren't even bound by a character limit in SMS anymore. If a URL is stupidly long due to variables being sent, it's not hard to shorten a link without a stupid 3rd party service. Is it?

    --
    "Always forgive your enemies; nothing annoys them so much." - Oscar Wilde