main
Report a problem

Twitter worm caused by 17 year old, out of 'boredom'

Andrew Lyle   on 12 April 2009 - 18:01 · 53 comments & 12893 views

Advertisement (Why?)
Over the Easter weekend, Twitter fell victim to yet another attack against the micro-blogging service. This time the attacker was 17 year old Mikeyy Mooney, who claims full responsibility for the attack, saying "I am aware of the attack and yes I am behind this attack".

The attack was harmless in a sense that no passwords or users data was compromised or stolen, only leaving messages on peoples Twitter page such as "Dude, www.StalkDaily.com is awesome. What's the fuss?". The worm infected other Twitter users when someone visited another person's page, making the worm spread rapidly. The messages linked users to Mikeyy Mooneys own web site which offers similar features and style as Twitter does.

Mikeyy Mooney described how he carried out the attack, "I am the person who coded the XSS which then acted as a worm when it auto updated a users profile and status, which then infected other users who viewed their profile. I did this out of boredom, to be honest. I usually like to find vulnerabilities within websites and try not to cause too much damage, but start a worm or something to give the developers an insight on the problem and while doing so, promoting myself or my website."

Twitter responded by saying it has since closed the hole that allowed the worm to spread and is working to removing the unwanted updates on peoples accounts.

Share this Article

  • Technorati
  • Magnolia
  • Stumble upon it
  • Reddit
  • Blink List
  • Delicious
  • Slashdot
  • Furl
  • Facebook
  • Windows Live
  • Google
  • Newsvine
  • Yahoo
  • RawSugar
  • Netvouz

About the Author

Full name: Andrew Lyle
User name: Andrew Lyle
Contact: via forum PM
Submissions: View All
More: View Bio   New!

Related news

 

Post a comment · Send to friend Comments · There are 53 additional comments
(1 reply) #1 Doli on 12 Apr 2009 - 18:23
I say Punish him. Would you trust his web site?
#1.1 Daniel Wired on 16 Apr 2009 - 16:58
I say hire him... If he did it when he's bored, he can make some money off of it... it isn't like he actually did any damage
(4 replies) #2 +what on 12 Apr 2009 - 18:31
What were his parents smoking when they gave him the name Mikeyy?
#2.1 WAR-DOG on 12 Apr 2009 - 20:10
what a curios last name... mooney... like money with an obsolete o
#2.2 Lord Ba'al on 13 Apr 2009 - 01:21
WAR-DOG said,
what a curios last name... mooney... like money with an obsolete o

At least his last name is not "Mouse".

Anyway, the security of Facebook is seriously lacking if just any bored kid can write a worm for it.
#2.3 _X_ on 13 Apr 2009 - 01:36
what said,
What were his parents smoking when they gave him the name Mikeyy?


"Just one Y? Are you insane? One more will do it, it will serve him in good stead for years of correcting himself on the phone or people automatically correcting it thinking its a typo".
#2.4 IbSta on 13 Apr 2009 - 01:47
Lord Ba'al said,
At least his last name is not "Mouse".

Anyway, the security of Facebook is seriously lacking if just any bored kid can write a worm for it.


You mean Twitter.
#3 Sam Symons Live on 12 Apr 2009 - 18:32
""I am the person who coded the XSS which then acted as a worm when it auto updated a users profile and status, which then infected other users who viewed their profile. I did this out of boredom, to be honest. I usually like to find vulnerabilities within websites and try not to cause too much damage, but start a worm or something to give the developers an insight on the problem and while doing so, promoting myself or my website." To be honest, it could have been much worse.
(2 replies) #4 nmeu on 12 Apr 2009 - 18:34
remember that movie sneakers ?? sometimes people pay people to break in.. a network.. a building.. it's kinda like a test of security. i've heard of several security consulting firms finding exploits.. making them apparent... them telling them after hoping to gain a new client. sometimes it's as sniffing out someones unsecured wifi AP knocking on their door and telling them.. i once dropped a txt file on my neighbors desktop in windows asking them to please secure their router. they prolly freaked and returned their router for being faulty or read the freekin manual. either way i never accidentally connected to their crappy network again. there are tons of ways to exploit twitter. punish him? nah... not unless they wanted to make an example out of him. much much worse can be done. and the bigger twitter gets, starts selling shares, etc much much much worse can be done.

just a thought.

happy bunny day
#4.1 vetEmuZombie on 12 Apr 2009 - 21:21
Printing a friendly message to their printer is much more effective... Of course... Printing a page of nothing but black did cross my mind...
#4.2 Pc_Madness on 13 Apr 2009 - 09:01
EmuZombie said,
Printing a friendly message to their printer is much more effective... Of course... Printing a page of nothing but black did cross my mind...


*sigh* Don't you watch scary movies? "I'm right behind you!" over and over and over :p
#5 phrea on 12 Apr 2009 - 18:35
This isnt much different from a xanga worm a while back that posted a message.

Link to article about xanga worm, notice the shoutouts lol.
(5 replies) #6 smooth_criminal1990 on 12 Apr 2009 - 18:36
Why punish him? I mean he didn't exactly do any harm did he? And I find it quite funny how how named his website and that its similar to twitter!
#6.1 LynxMukka on 12 Apr 2009 - 19:22
smooth_criminal1990 said,
Why punish him? I mean he didn't exactly do any harm did he? And I find it quite funny how how named his website and that its similar to twitter!


There's no excuse. It quite simply breaks the law.

I'm not a Twitter user thank god, but if he found a flaw, its better to report it rather than use it to your advantage and hinder other people's use of the website. Being 'bored' isn't an excuse.
#6.2 shhac on 12 Apr 2009 - 20:33
From my understanding of this article, nobody who uses twitter was "hindered".
You'll also find that just reporting security holes rarely motivates the developers to close them, which is why many security holes found also have the hole published publicly shortly after by the finders. What he did was motivate the hole to be closed before it was used for worse reasons by others who found it.
#6.3 DarkeSword on 13 Apr 2009 - 03:10
LynxMukka said,
There's no excuse. It quite simply breaks the law.

What law? I'm not challenging your asserting, I'm actually curious. Is a law actually being broken here?
#6.4 Frank Fontaine on 13 Apr 2009 - 15:15
Posting unwanted and unsolicited comments advertising websites is usually classed as a form of spam
#6.5 toadeater on 13 Apr 2009 - 23:08
LynxMukka said,
There's no excuse. It quite simply breaks the law.


Smart people shouldn't be put in jail for being smart, unless they cause real damage. He helped Twitter find an exploit in exchange for free publicity, there wasn't any harm done.
(3 replies) #7 Mr. Andrews on 12 Apr 2009 - 19:14
$10 to the first person to find a vulnerability in his website
#7.1 Sam Symons Live on 12 Apr 2009 - 19:38
Mr. Andrews said,
$10 to the first person to find a vulnerability in his website

LOL. Yeah, I'm sure he wouldn't be so keen on that.
#7.2 DaveHope on 12 Apr 2009 - 19:41
Sam Symons Live said,
LOL. Yeah, I'm sure he wouldn't be so keen on that.


Found a few bugs.

Just registered with 'login' and 'register' as accounts. Broke things - he's working to fix them though. For a while at least, people couldn't login or register due to my account creations

#7.3 lylesback2 on 12 Apr 2009 - 19:43
I hope that's sarcasm with the number of bugs I find, surely there is a hole somewhere LOL
(5 replies) #8 Doli on 12 Apr 2009 - 19:53
Look at his TOS #9:
9.You must not transmit any worms or viruses or any code of a destructive nature.
#8.1 vetmarkjensen on 12 Apr 2009 - 20:08
Oh, the irony! Good find!
#8.2 thealexweb on 12 Apr 2009 - 20:29
Doli said,
Look at his TOS #9:
9.You must not transmit any worms or viruses or any code of a destructive nature.


He didn't plan or actually destroy anything.
#8.3 Doli on 12 Apr 2009 - 20:31
I think its good to not "reinvent the wheel" but this guy just took Twitter's TOS and did a "Find and Replace all" to change the words "Twitter" to "StalkDaily" haha
#8.4 vetmarkjensen on 12 Apr 2009 - 23:20
thealexweb said,
Doli said,
Look at his TOS #9:
9.You must not transmit any worms or viruses or any code of a destructive nature.


He didn't plan or actually destroy anything.

Maybe you didn't see he used the word "or".
"worms"
or
"viruses"
or
"code of a destructive nature"

His code is a "worm", so meets the OR conditions, doesn't it?
#8.5 TechGuyPA on 13 Apr 2009 - 23:46
markjensen said,
thealexweb said,

Doli said,
Look at his TOS #9:
9.You must not transmit any worms or viruses or any code of a destructive nature.


He didn't plan or actually destroy anything.

Maybe you didn't see he used the word "or".
"worms"
or
"viruses"
or
"code of a destructive nature"

His code is a "worm", so meets the OR conditions, doesn't it?

(1 reply) #9 timster on 12 Apr 2009 - 20:50
if you're gonna write a worm/virus/trogan, make it do something that justifies the time you spent writing it
#9.1 WAR-DOG on 12 Apr 2009 - 22:06
he did, he got more visitors on his site
#10 WAR-DOG on 12 Apr 2009 - 22:17
#11 Glendi on 12 Apr 2009 - 22:56
Erm, he made another one later? http://www.bnonews.com/news/243.html
(1 reply) #12 +warwagon on 13 Apr 2009 - 01:31
Why wouldn't he just tell them ab out it? Why spam the site. Because then he is no better than the rest.
#12.1 splur on 13 Apr 2009 - 06:08
Where's the fame and glory in that? If you're good at something, never do it for free.
#13 random_n on 13 Apr 2009 - 03:05
#14 naap51stang on 13 Apr 2009 - 03:44
I say that we tie him to a tree, smear him in honey, let the bees & bears take care of him...out of boredom.
(2 replies) #15 nub on 13 Apr 2009 - 04:16
Yeah it was an annoyance, but no real harm. Props to the kid for finding the exploit.
#15.1 Doli on 13 Apr 2009 - 06:04
Well he says more are on the way so have fun if you use Twitter.
#15.2 cork1958 on 13 Apr 2009 - 10:14
Why do people even bother to use thiese worthless sites?

It amazes me!!
#16 soldier1st on 13 Apr 2009 - 07:25
they should ban him but before doing so give him a thnx for finding this vulnerability and say they fixed it and they should tie him to a tree and promote twitter on his body and let him get laughed at.
#17 Ruciz on 13 Apr 2009 - 12:06
Everyone is saying ban him.
Yet he found a hole which could render all usernames/passwords open to anyone.
Why not hire him?
#18 AlexMagik on 13 Apr 2009 - 12:44
his site is closed
#19 Geranium_Z__NL on 13 Apr 2009 - 15:33
Okay.. have fun banning him.. think he'll be back tho and Ill laugh at Twitter fail.
(2 replies) #20 Skwerl on 13 Apr 2009 - 17:03
What a douche. I can't stand anyone banal enough to be "bored."
#20.1 Atlonite on 14 Apr 2009 - 15:53
psh what else is there to do if it's winter and your snowed in you can only play with it so much befor it get boring LOL
#20.2 Skwerl on 14 Apr 2009 - 16:28
Atlonite said,
psh what else is there to do if it's winter and your snowed in you can only play with it so much befor it get boring LOL


Well, maybe one could pick up a book on the English language and brush up on things like capitalization and punctuation.
(2 replies) #21 TechGuyPA on 13 Apr 2009 - 23:50
[quote=markjensen said,][quote=thealexweb said,]
[quote=Doli said,]Look at his TOS #9:
9.You must not transmit any worms or viruses or any code of a destructive nature.[/quote]

1st off if you use Twitter as your only means of communication you have no life.
2nd - and please wake up ...TOS means "Terms of service" it has no legal or judicial function.
#21.1 Magallanes on 14 Apr 2009 - 13:21
Indeed, TOS is not a contract, is just a warranty policy + a copyrighted advice + another useless information without legal support.
#21.2 Doli on 14 Apr 2009 - 16:41
1st off... ok ... moving on from your twitter rant.
2nd - I am awake, I was just pointing out Mikeyy's TOS for his site.

Are you Mikeyy?

Last edited by Doli on 14 Apr 2009 - 16:46
#22 John Freeman on 14 Apr 2009 - 08:11
Well, good job. He didnt harm anyone. I also see him working in some security consultant company or smth in a few years.
#23 Magallanes on 14 Apr 2009 - 13:35
Is funny how they are giving so much credit to a stupid script kiddie. Apparently he just took the code of a previous worm then later he added some stuff and voila.. he is a instant genius.

The first rule of a (real) hacker is the anonymity, in opposite a script kiddie enjoy to be popular and usually they give away their name, address and even they put photos of their national-id.

So yes, script kiddies are weird like all net rats.

#24 Atlonite on 14 Apr 2009 - 16:00
"tweat" Today i walked my worm and we visited all of my "e-friends" "endtweat"

"tweat" tommorow the postie is going to bring me a real life"end tweat"
#25 TheShade on 14 Apr 2009 - 16:06
Why hasn't anyone thought of calling this a Tworm?

We've got Tweets on our Twitters. Now we've got Tworms on there too!

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Advertisement (Why?)
News powered by Neowin Management System (Build - 5.0.1390) © 2000 - 2008 Neowin.net