Slashdot Mirror

← Back to Stories (view on slashdot.org)

Twitter Hit With Second Worm In a Week

Posted by CmdrTaco on from the security-is-hard dept.

adeelarshad82 writes "Days after a site update unleashed a Twitter cross-site scripting attack, the micro-blogging site was again hit with a bug that spread via questionable links. The offending messages appeared on a user's Twitter feed with 'WTF:' followed by a link. If you clicked on that link, you were taken to a blank page, but behind the scenes, the worm would post vulgar messages on your account that discussed, well, sex involving goats."

16 of 97 comments (clear)

  1. Goatse Worm? by WrongSizeGlass · · Score: 3, Insightful

    It's no surprise that you could get worms from having sex, well, with goats.

  2. This is why... by thescreg · · Score: 5, Funny

    It took me awhile to realize what was going on. This is pretty much what I post about on Twitter anyway.

  3. Sex with goats? by The+Good+Reverend · · Score: 4, Funny

    Um, no, actually. That really was me.

  4. Re:where is that goatsex link when you need it? by ShaunC · · Score: 5, Informative

    WTF: Goatse

    --
    Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
  5. Re:I guess this script is baaaad for you. by Bill,+Shooter+of+Bul · · Score: 4, Informative

    No. This is a Cross site Request Forgery attack. The Script in this case, was on the linked site, not in the tweet.

    For those not in the know:

    OWASP Cross Site Request Forgery Prevention sheet Sheet

    --
    Well.. maybe. Or Maybe not. But Definitely not sort of.
  6. Re:where is that goatsex link when you need it? by Anonymous Coward · · Score: 5, Funny

    Now I've seen everything!

    A link to goatse is at "+2 Insightful" as I type this.

    A historical day at slashdot to be sure

  7. Yeah, yeah, yeah by microbee · · Score: 3, Funny

    blame the virus, you perverts!

  8. The early bird... by Anne_Nonymous · · Score: 4, Funny

    ...gets the worm.

  9. Finally by rudy_wayne · · Score: 4, Funny

    the worm would post vulgar messages on your account that discussed, well, sex involving goats

    Finally!! Something worthwhile on Twitter.

  10. Re:I guess this script is baaaad for you. by nacturation · · Score: 4, Informative

    This post explains it quite well: http://www.andrewnacin.com/2010/09/26/csrf-twitter/

    Essentially, just create one or more iframes, with the iframe source set to http://twitter.com/share/update?status=WTF+PAYLOAD

    As long as you're logged into Twitter via the web, it will auto-post that update without any request for permission from you.

    --
    Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
  11. Re:Great - more 4Chan? by amicusNYCL · · Score: 4, Insightful

    You have to use twitter and be the type of person who clicks on questionable links without regard.

    Which of these links is "questionable":

    http://tinyurl.com/2tx
    http://bit.ly/heezy
    http://xrl.us/bh2p3m

    That's what all of the links on Twitter look like, which are OK and which are questionable? How does one distinguish?

    --
    "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
  12. Re:Great - more 4Chan? by Dancindan84 · · Score: 5, Insightful

    All of them. I don't click on shortened URLs. Nor should anyone who isn't a Rick Astley or Goatse fan.

    --
    "Always forgive your enemies; nothing annoys them so much." - Oscar Wilde
  13. Re:Great - more 4Chan? by icebraining · · Score: 4, Informative

    Or you could install this GM script which expands them to the real URL without actually loading it.

    --
    Dilbert RSS feed
  14. Re:I guess this script is baaaad for you. by miffo.swe · · Score: 3, Insightful

    The fucking point of the internet is klicking on links. Playing whack a mole with stuff like antivirus, antispam, antiwhatever suggests your operating system is broken. If you have to verify every damn link you could as well just go for chess by physical mail and penpals instead of the internet.

    The user uses the internet as intended, the developers, not so much.

    --
    HTTP/1.1 400
  15. Re:I guess this script is baaaad for you. by Anonymous Coward · · Score: 3, Insightful

    So you're saying that every single time a friend posts a link, you phone or email them and ask if you actually posted a link, and want a description of the page linked to?

    Wow... you're a douche. If you were my friend, I'd have long since put you into a group that can't see my updates, or just de-friended you altogether.

  16. Re:where is that goatsex link when you need it? by Jedi+Alec · · Score: 3, Informative

    Next up: Twitter worms that discuss Natalie Portman naked and petrified, GNAA trolls and of course the classic penis bird.

    --

    People replying to my sig annoy me. That's why I change it all the time.