Home : Blogs : Mark Menzella -We build websites for Realtors : Mark's Blog

Twitter and StalkDaily.com Worm

By now most of the Twitter users probably heard Twitter was hit with a potentially harmful virus.

For those who did not see the posts around the net here is what basically happened.

Twitter profile pages are being infected with cross site scripting (XSS) attack. What this really means is that Twitter profile pages are being compromised by hidden javascript. When you visit an infected profile page, this script runs and infects your Twitter account. The script then send Tweets out to your followers to visit StalkDaily.com. The virus also inserts itself into your bio pages, allowing your bio page to become a host to infect others.

StalkDaily had said they are not the orginator of the attack.

If you are infected do the following:

1. Go to your Twitter account settings and switch your bio back to the normal setting.

2. Clear out your cache and cookies from your browser.

3. As a precaution, change your Twitter account password.

Twitter was pretty fast on knocking this down and posted this their status page:

Earlier today we were informed of a malicious site that was spreading links to StalkDaily.com on Twitter without user consent via a cross-site scripting vulnerability. We've taken steps to remove the offending updates, and to close the holes that allowed this "worm" to spread.

No passwords, phone numbers, or other sensitive information were compromised as part of this attack.

Posted by Mark Menzella -We build websites for Realtors on 04/12/2009 10:30 AM

Comments (36)

Twitter in the Online Marketing Channel

twitter, stalkdailycom worm

Post is included in group: The Lounge at Active Rain
Post is included in group: Technology
Post is included in group: Making Websites Work - Realtors on the Internet
Post is included in group: Making Real Estate Better with Technology
Post is included in group: Extra Mile Solutions - Tech Tips & Web Development

36 Comments on Twitter and StalkDaily.com Worm

APR

We're doomed.

Thanks for the warning, Mark.

Tom Larsen

www.nypropertyinsurance.com

oh dang, I just got twitter this week and already I could be infected? what happened to a honeymoon?

Thanks for letting me know. I saw the tweets from fellow Tweeters but I checked my account and I was one of the lucky ones. Whew!

Thanks for letting us know. I will check our account right away. Happy Easter.

Hey, do you know what's going on with Facebook? I've been getting a ton of spam from Facebook lately. The subject title is generally a name with no space between first and last name, saying so and so has sent a message from Facebook.

Ack...I knew it was too good to be true. Why do I try these new-fangled things? :) Thanks for the warning.

I appreciate the update, Mark...

Mark - thanks for the warning...I hadn't heard about this. Happy Easter!

I agree with Lenn. Life is probably over as we know it and my 51 followers are going to be very disappointed... (I think...'cause who the hell are these people anyway ;)

Happy Easter!

I haven't been on Twitter for two days. I know hard to believe. Hope nothing was messed up, I'll still change PW

Thanks for the heads up. I'm headed over now to take care of it!

It's the end of the world as we know it, but unlike REM I don't feel fine.

Thanks for the notice, Mark. TechCrunch has a post with updates from Twitter saying that this has been fixed. I'm glad to see they were able to handle it so quickly.

did you read the article about the teen that wrote it? ... and why

Thanks for sharing this information, Mark. I had not heard this news, so I appreciate the heads-up!

Mar,...thanks as I haven't heard about this...so glad this waas fixed.

There are always these new viruses, worms, malware.... Who is it that has the time and intelligence and desire to create such terrible things??

Thanks for the information. I am glad they fixed the situation.

Have a great day!

Mark...

Damn. I knew something was going on at Twitter. My AVG has been giving me warnings about the site for the last week. I almost changed my security settings. Now I'm really glad I didn't and heeded those warnings. I scanned my pc last night so I am good to go. You just gotta love AVG when it stands between you and the roaches out there :)

TLW...ROAR!

Three words . . . bye, bye birdie!

Thanks for the info

www.TeamConnect.biz

Thanks for sharing the information. Will update and follow your advice.

Thanks for the update.

I can't even access my Twitter Account

Mark - I'm glad you posted this. I was away while my wife and I welcomed our fourth child into the world on Thursday, and I hadn't heard anything about this at all.

Thanks for the warning

Mark - thanks for the warning, and the solution! I checked mine & didn't see anything amiss, but such are the vulnerabilities of the exploding social media networks. You gotta take the little bad with the lotta good!

Glad I don't have Twitter yet!

Mark, thanks for posting, I had heard a rumor but not all the details.

Thanks for the reminder... I seen this the other day.. how can we find out if we got infected ?

I had not heard about this. Thank you for posting this and giving us a heads up.

Maureen;

Yeah I read the post a few hours later. For those who did not, a teem from Brooklyn claimed responsibility and said he wrote it out of boredom and he is also the owner of stalkdaily.com. Here is a post from CNET (http://news.cnet.com/8301-1009_3-10217684-83.html). He also wrote a 2nd worm in which the posts were; "Mikeyy I am done...," "MikeyyMikeyy is done.," and "Twitter please fix this, regards Mikeyy."

Jason - Congradulations!!!!

APR

Mark - Thanks for the heads up on this. I hadn't heard anything, but will check my twitter account now.

Thank you very much and away to check my twitter page I go!

JUN

thanks for the warning from a new twitter!!

Leave a response…

Name:

Email:
(optional)

Comment:

What does the graphic say?