In association with heise online

12 April 2009, 11:40

StalkDaily worm crawls through Twitter


Over Saturday, a worm which uses a cross-site scripting flaw in Twitter profiles has been tricking users of the social networking service and directing them to Twitter has confirmed the problem and closed the vulnerability.

The worm consisted of JavaScript code hidden in the "Bio" section of the Twitter profile. A user would be sent to view another user's profile which contained the script. The script would wait three seconds and grab the user name and Twitter cookie for the user. It then used the Twitter API, with the user's credentials, to modify that user's profile, adding the worm and sending tweets about

Twitter users should check their profile's biography field to see if it has changed and if so, reset it. Twitter has reset the password on a number of affected accounts and those users will need to request a new password to regain access.
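
The flaw class described above, as an added example that is not from the original article or from Twitter's code: a profile renderer that inserts the bio into the page unescaped, beside one that HTML-encodes it, plus an audit helper that lists stored bios containing markup so they can be reset. All function names and the sample profiles are constructed for illustration; the article does not say how Twitter actually closed the hole.

```javascript
// Added example. Function names and sample data are hypothetical.
const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};

// Encode the five characters that can change HTML parsing context.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: user-controlled bio concatenated into markup as-is,
// so any tags stored in the bio run in every visitor's session.
function renderBioUnsafe(profile) {
  return '<span class="bio">' + profile.bio + '</span>';
}

// Hardened pattern: the bio is encoded at output time and stays inert text.
function renderBioSafe(profile) {
  return '<span class="bio">' + escapeHtml(profile.bio) + '</span>';
}

// Audit helper: return the users whose stored bio contains an HTML tag,
// an inline event handler, or a javascript: URL. Hits are candidates
// for a bio reset and a session/password reset.
function findSuspiciousBios(profiles) {
  const markup = /<\s*\/?\s*[a-z][^>]*>|\bon[a-z]+\s*=|javascript:/i;
  return profiles.filter((p) => markup.test(p.bio)).map((p) => p.user);
}

// Constructed sample profiles (not real accounts or real worm code).
const sampleProfiles = [
  { user: 'alice', bio: 'Security engineer & coffee drinker' },
  { user: 'bob', bio: 'Hello <script src="//example.invalid/x.js"></script>' },
  { user: 'carol', bio: 'I <3 cats' },
];

for (const p of sampleProfiles) {
  console.log(p.user, '->', renderBioSafe(p));
}
console.log('bios to review:', findSuspiciousBios(sampleProfiles));
```

Encoding at output is what keeps a stored bio from executing; the audit helper only finds profiles that were already modified and is not a substitute for the encoding.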

