Yesterday Twitter was hit by a worm, the first serious worm attack on Twitter. At first the reports were very mixed: some said you got infected by visiting StalkDaily, others by visiting a Twitter profile page. The affected Twitter accounts would tweet this message:
Hey everyone, join www. StalkDaily. com. It’s a site like Twitter but with pictures, videos, and so much more! 🙂
It turns out the worm can be contracted by visiting affected Twitter profile pages. The symptom was the tweet shown above. The StalkDaily worm is just as easy to remove as it is to contract: you have to make sure that the URL in your Twitter profile is as it should be.
It could look like this:
If you are using a Twitter client you should be safe, but if you use the web client, stay away from suspicious-looking profile pages until they look safe.
Twitter closed the security hole (a cross-site scripting vulnerability) 3 hours ago and is assuring us that no vital information was lost. Twitter also recommends that you reset your password. @spam says:
If you have been locked out of your acct due to the StalkDaily issue, pls do a p/w reset; we may have reset your p/w for safety.
I am the person who coded the XSS which then acted as a worm when it auto-updated a user's profile and status, which then infected other users who viewed their profile. I did this out of boredom, to be honest. I usually like to find vulnerabilities within websites and try not to cause too much damage, but start a worm or something to give the developers an insight on the problem and while doing so, promoting myself or my website.
Contrary to what some sites might say, StalkDaily has claimed full responsibility for the attack.
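The post ties the infection to the URL field of a profile and to a cross-site scripting hole. The sketch below is an added example, not code from this post or from Twitter: it assumes the stored profile URL is echoed into a link on the profile page, and shows that field rendered without escaping beside a version that validates and escapes it. All function names and sample values are hypothetical and constructed for illustration.

```python
import html
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
# Quotes, angle brackets, backticks, spaces and control characters have no
# place in a stored profile URL; they are what lets a value escape an attribute.
FORBIDDEN = set("\"'<>`") | {chr(c) for c in range(0x21)}


def is_plain_profile_url(value: str) -> bool:
    """Return True if value is an ordinary http(s) link and nothing else."""
    if not value or len(value) > 200 or any(ch in FORBIDDEN for ch in value):
        return False
    try:
        parts = urlsplit(value)
    except ValueError:  # malformed authority, e.g. unbalanced brackets
        return False
    return parts.scheme.lower() in ALLOWED_SCHEMES and bool(parts.hostname)


def render_unescaped(value: str) -> str:
    """The weak form: the stored value is pasted into the page as-is."""
    return '<a href="%s">%s</a>' % (value, value)


def render_profile_link(value: str) -> str:
    """The hardened form: validate first, then escape for HTML output."""
    if not is_plain_profile_url(value):
        return ""  # show no link at all rather than a suspicious one
    safe = html.escape(value, quote=True)
    return '<a href="%s" rel="nofollow">%s</a>' % (safe, safe)


# Constructed sample values; the markup in BREAKOUT is deliberately harmless.
GOOD = "https://example.com/me?a=1&b=2"
BREAKOUT = 'http://example.com/"><b>injected</b>'
WRONG_SCHEME = "javascript:alert(1)"

if __name__ == "__main__":
    for sample in (GOOD, BREAKOUT, WRONG_SCHEME):
        print("stored value :", sample)
        print("  unescaped  :", render_unescaped(sample))
        print("  hardened   :", render_profile_link(sample) or "(link dropped)")
```

The same `is_plain_profile_url` check can be run over profile URLs that are already stored to find accounts whose field is not "as it should be".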