Twitter worms: high risk or high noise?

Twitter was attacked by at least two worms over the weekend, causing an enormous amount of noise across the tech blogosphere and on Twitter itself (see our coverage of the first worm here).

The stupid kiddie behind the attacks has come forward, and from all accounts the worm(s) are now in check. And yet the noise continues... and continues... and continues. People are tweeting to other people not to click on links with Mikeyy in them (ironically, usually including a link in the tweet). Requests to Twitter, by the hundreds and possibly thousands, are asking for them to act on the worms.

But let's check some numbers.

According to Twitter, the first worm infected “about” 90 accounts on Saturday morning US PDT. A second wave (presumably the same worm; Twitter doesn’t say) infected about 100 accounts. The number of accounts infected by the newer “Mikeyy” worm wasn’t given, but Twitter said that it deleted “almost 10,000 tweets that could have continued to spread the worm.” We don’t know how wide that net was cast (that is, whether all tweets deleted actually included the worm), or whether single accounts may have had multiple tweets (a screenshot at F-Secure suggests that it sent out multiple and different messages). At most 10,000 accounts were infected, but it’s more likely that the number was a few thousand at most.

This isn’t to say that the emergence of these exploits is a good thing; take it as a given that it’s not. But there are around 6 million active users on Twitter (see the Wikipedia entry here), and possibly 10 million or more accounts. The number of people infected by the worm? At 1000 infections from 10 million accounts, the odds are 0.01%. At 10,000 infections it’s 0.1%. And those stats are with the worm being new; now that Twitter knows what to look for, the chances of these rates being repeated in a new attack would likely be lower again.

According to a range of statistics (take your pick), between 20% and 60% of PCs are infected by viruses.

Lots of noise, not a lot of risk.