Comments on: Worm infiltrates Twitter

Micro-blogging site gets infected with the StalkDaily worm. Details about the worm are scarce, but there are tweets aplenty.

[WayneSmallman]

Is this anything to do with the "Mikeyy! Wooo!" thing I keep seeing?

[gertruded]

Remember, these worms are only if you are running Windows operating system.

[this1!]

funny.

[In-Cyde]

It's an XSS attack, it will work with any browser, any OS.

Mac-fanboy go away.

[In-Cyde]

Just to clarify, the issue is with poor input validation and intrusion testing at Twitter, not your client computer.

[gggg sssss]

@In-Cyde and Twitther runs on linux. Wow

[Random_Walk]

@gertruded: I'm not so sure. This seems to be something based on Java/JavaScript, or some other web-enabled tech. It seems to infect your profile on Twitter, not your local computer. I'll wait for more details before saying much about whether the user's operating system (or web browser) is a factor.

[bloggerman]

Junk site anyhow, it'll teach the poor souls to learn how to harden a machine and therefore have a RELIABLE security team that knows *** they are doing.

[grecs]

This looks like some type of JavaScript attack. I wish we weren't so reliant on scripting. NoScript can be very useful for selectively enabling scripting on sites. It might not have worked that well for this though. It depends if scripting was running in the context of Twitter.

[Steve_KTG]

I can see the conundrum in spending a fortune on IT and security when your firm still hasn't hit the magic marker of joining the "green team" yet. However, attacks like these are probably the only thing that could stop twitter from being all it can be. www.justaskgemalto.com has some good articles on the risks of social networking. Probably wise to be aware of, especially if you are going a little commercial with it like most of us are.