Andy Hayter, Anti-Malcode Program Manager at ICSA Labs, has put together some brief facts about the Twitter worm.
- The Twitter worm that began to spread on Easter Sunday is a cross-site scripting worm that spreads in Twitter profiles.
- During the first outbreak, Twitter users will receive unsolicited messages with the URL www.stalkdaily.com in the subject. DO NOT GO TO THAT WEB SITE! The second outbreak, which started later on Sunday, contained the phrase “Mikeyy” or “mikey” in it.
- The third version of the attack uses “bit.ly” to add shortened URLs to a message that reads something like “How to remove new Mikeyy worm! RTM!!”
- The only effect of this worm at the moment is to modify a person’s Twitter profile.
- Malware researchers are still investigating this worm. Twitter has taken action on its end to mitigate the problem.