Sunday, April 12, 2009

Twitter Worm Outbreak Over Easter

Via F-Secure -

A cross-site scripting worm was spreading in Twitter profiles for several hours last night.


Many people followed the links to, as they believed the messages to be genuine Tweets from their friends. A cross-site script on the site then caused new users to start to Tweet the same messages.


As expected, the whole worm was a publicity stunt by

You can see the latest official status of Twitter from their status page at

We detect the script file as Worm:JS/Twettir.A

Updated to add: This is not over. There's going to be quite a few modified Twitter worms for a day or two. Be careful in Twitter, don't view profiles, don't follow links. It's beautiful outside, maybe go for a walk instead?

All these attacks are JavaScript-based. Turn JavaScript off if you're worried. More info here.

