Twitter has put a stop to a vicious worm that posts obscene messages to victims' Twitter profiles using a cross-site scripting (XSS) exploit similar to a previous flaw discovered last week which exploited 'mouseover' functions.
Twitter users whose account profiles were infected with this new worm received obscene and vulgar tweets followed by a URL link that helped spread the attack to their followers. Various Twitter users affected by this worm reported seeing a vile message that read "I love anal sex with goats". This message only appeared on a Twitter user's profile after clicking on the link that followed the tweet "WTF". The link seemed harmless after clicking it, as it sent users to a blank web page. In reality, the blank web page carried a script performing a cross-site request forgery (CSRF): because the visitor was already logged in to Twitter, the script could make the browser submit a tweet on the visitor's behalf without any further action. By posting the link on followers' profiles, the worm was able to spread to other Twitter users.
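As an added illustration that is not part of the original article, the following shows the server-side defense that stops exactly this kind of auto-posting: a state-changing "post tweet" handler that refuses requests which lack a per-session anti-CSRF token or do not come from the site's own origin. The server secret, trusted origin and session identifiers below are constructed for the example.

```python
import hmac
import hashlib
from urllib.parse import urlsplit

# Constructed values for the example; a real deployment loads these from configuration.
SERVER_SECRET = b"example-only-secret-do-not-reuse"
TRUSTED_ORIGIN = "https://twitter.example"   # hypothetical origin of the site's own pages


def issue_csrf_token(session_id: str) -> str:
    """Derive a per-session anti-CSRF token that the site embeds in its own forms.
    A page on another origin can make the browser send the session cookie, but it
    cannot read this token, so it cannot include it in a forged request."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def _origin_of(url: str) -> str:
    """Reduce an Origin or Referer header value to scheme://host[:port]."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}"


def post_tweet(session_id: str, form: dict, headers: dict, timeline: list) -> bool:
    """State-changing handler. Appends the status to the timeline and returns True
    only if the request is accepted. The session cookie alone is never enough,
    because a blank third-party page can trigger a request that carries it."""
    # Check 1: the request must come from one of our own pages. Exact origin
    # comparison avoids prefix tricks such as "https://twitter.example.evil".
    source = headers.get("Origin") or headers.get("Referer", "")
    if not source or _origin_of(source) != TRUSTED_ORIGIN:
        return False
    # Check 2: the form must carry the token bound to this session;
    # compare_digest keeps the comparison constant-time.
    expected = issue_csrf_token(session_id)
    if not hmac.compare_digest(expected, form.get("csrf_token", "")):
        return False
    timeline.append(form.get("status", ""))
    return True


if __name__ == "__main__":
    timeline = []
    sid = "session-abc"  # constructed session identifier
    own_form = {"status": "hello", "csrf_token": issue_csrf_token(sid)}
    forged = {"status": "WTF http://blank-page.invalid/"}  # no token: fired from another site
    print(post_tweet(sid, own_form, {"Origin": TRUSTED_ORIGIN}, timeline))          # True
    print(post_tweet(sid, forged, {"Origin": "https://blank-page.invalid"}, timeline))  # False
```

Browsers also let the site mark its session cookie with the SameSite attribute, which keeps the cookie off cross-site requests entirely and complements the token check above.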
According to some security researchers, this worm spread very quickly over the weekend to an unknown number of Twitter users. We believe it spread so fast because of the curiosity that arises when a tweet reading "WTF" followed by a link appears on a Twitter user's profile. The acronym "WTF" naturally draws people's attention because it could refer to anything someone is furious about. Wouldn't you click a link on a Twitter profile you follow when they post a tweet that says "WTF" followed by a link?
Twitter has posted an update on the worm situation on their status blog, explaining that they have already fixed the exploit and are currently in the process of removing the offending tweets.
A cross-site scripting (XSS) exploit similar to this Twitter hijacking worm was used in a 'mouseover' hack less than a week ago, which redirected Twitter users to porn sites. It seems this method of attacking Twitter has become relatively popular with hackers, and we may see more of it in the near future.
Due to these recent outbreaks of attacks against Twitter, it is highly advisable that users take extra caution when using Twitter. Social networks are a prime target for malware this year, and we do not expect the relentless hackers to back down any time soon. Twitter users should view our Top 6 Crucial Tips to Avoid Malware via Twitter to help avoid situations such as this latest attack using a hijacking worm. Our tips even give you a way to block cross-site scripting (XSS) exploits, which were the culprit in the two most recent attacks against Twitter.
Remember, 'curiosity killed the cat'. Don't let it get the best of you. 😉