
Twitter Worm Is A Reminder to Protect Against XSS Attacks

If you are an avid user of Twitter, then you have probably heard about the worm that spread via the popular social networking site this weekend. Once a user was infected, the worm modified that user's Twitter profile and then began to blast out Tweets from the account. From most accounts this appears to be the largest virus or worm that has targeted Twitter. So how did the attack happen?

It appears that the worm that infected Twitter this weekend was the result of an attacker exploiting the site via an XSS attack. Apparently, script code posted to a profile page was stored and rendered unescaped, and this is where the attacker inserted the malicious code. Anyone who viewed an infected profile then had the same script written into their own profile, and it spread the same way from one infected profile to the next.

This is a VERY good reminder for all developers to be aware of XSS and how to prevent these attacks in your applications. I will post some articles soon on how to deter such an attack in your code.
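The core defect described above is that user-supplied profile text was written straight into the page's HTML. The following is an added illustration, not code from the original post or from Twitter, of the basic defence: HTML-escaping every user-controlled value before it is placed into markup. The field name `bio`, the render functions and the sample profile are constructed for this example.

```javascript
// Added example (not from the original post): escape user-supplied profile
// fields before inserting them into HTML, the basic defence against the
// stored XSS described in the post. Names and sample data are constructed.

// Map each HTML-significant character to its entity so the browser treats
// the value as text rather than markup. '&' must be replaced first so the
// entities produced by the later replacements are not double-escaped.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Vulnerable rendering: raw interpolation of user data into markup.
// Whatever the user stored in `bio` becomes live HTML for every viewer.
function renderProfileUnsafe(profile) {
  return `<div class="bio">${profile.bio}</div>`;
}

// Hardened rendering: every user-controlled value passes through escapeHtml,
// so a stored <script> tag is displayed as text and never executes.
function renderProfileSafe(profile) {
  return `<div class="bio">${escapeHtml(profile.bio)}</div>`;
}

// Simple check a reviewer or test suite can apply to rendered output:
// does the markup still contain an unescaped opening <script> tag?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed sample profile standing in for a bio that carries script.
const sampleProfile = { bio: '<script>alert("xss")</script> hello' };

console.log('unsafe:', renderProfileUnsafe(sampleProfile));
console.log('safe:  ', renderProfileSafe(sampleProfile));
console.log('unsafe contains script tag:', containsScriptTag(renderProfileUnsafe(sampleProfile)));
console.log('safe contains script tag:  ', containsScriptTag(renderProfileSafe(sampleProfile)));
```

Escaping is context dependent: the entity set above is correct for text placed in the HTML body or inside a quoted attribute, but a value inserted into a URL, a JavaScript block or a CSS rule needs encoding for that context instead. Using a templating library that escapes by default removes the need to remember this on every page.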

Discussion

2 Responses to “Twitter Worm Is A Reminder to Protect Against XSS Attacks”

  1. It surprises me that the Twitter developers had their heads in the sand like this. This is exactly how that big MySpace worm spread a couple of years ago. I thought that incident would have alerted all developers to these threats, so it surprises me that Twitter allowed this to happen.

    Posted by Jake Munson | April 12, 2009, 12:42 PM
    • It is very surprising that such a large site had a security hole this open. It’s also surprising that someone did not point this out to them a long time ago.

      Posted by Mike Fleming | April 13, 2009, 7:10 AM
