Limited damage caused by tweet-eating worm
Twitter is recovering from a malware attack similar in nature to that of the Samy worm which successfully knocked the MySpace social networking service offline a couple of years ago.
The micro-blogging service was hit by four attacks over a weekend extended by public holidays, and at one stage the company said it had “identified and deleted almost 10,000 tweets that could have continued to spread the worm.”
The company has said it worked to secure the compromised accounts and has deleted any material that would further propagate the worm.
It explained in an official blog that it is still reviewing all the details of the malware offensive and will be evaluating its web coding practices to understand what it can do better to prevent them in the future.
This is not the first attack that has been reported on Twitter, but it is one that will be being monitored closely by enterprise security managers conscious that the service is increasingly finding favour among office workers.
The attack comes only days after F-Secure Corp had warned that users of social networking sites have become an attractive target for cyber criminals and fraudsters.
Password compromised accounts, resulting either from phishing or password stealing malware are being used to scam social networking friends of the victim, the software security supplier noted just last week.
Last month 750 Twitter accounts were confirmed as having been compromised and used to propagate malicious links that led to online porn.
It has also been reported that Twitter could be vulnerable to so-called clickjacking attacks, leading to automatic posts to user accounts.
Twitter has stated that no passwords, phone numbers or other sensitive information was compromised as part of these latest attacks.
It said, The worm introduced to Twitter this weekend was similar to the famous Samy worm which spread a while back. At that time, MySpace filed a lawsuit against the virus creator, which resulted in a felony charge and sentencing. Twitter takes security very seriously, and we will be following up on all fronts.