Twitter Shuts Down Second Worm In A Week

The worm attempts to lure users with the subject "WTF" followed by the malicious link. Once they click, users are taken to a blank Web page containing malicious code that carries out a cross-site request forgery. The malware then automatically sends out vulgar tweets to Twitter from the user's account.

"Chances are that the reason why this attack spread so speedily is that people were curious to find out what they would find at the end of the link only described as 'WTF,'" said Graham Cluley, senior technology consultant at U.K.-based Sophos, in a blog post.

Twitter posted an update on its blog Sunday evening reassuring users that it shut down the attack by addressing the cross-site scripting error, disabling the malicious link and removing the offensive tweets.

Security researchers say that the worm, while initially harmless, does indicate a serious security flaw in Twitter that could be exploited by more malicious attackers down the road.

"The attack has highlighted an obvious security problem in Twitter which must be addressed as a matter of urgency -- otherwise we can expect further, perhaps more dangerous, attacks," Cluley said.

The latest attack comes less than a week after Twitter users were bombarded with a much more widespread attack, which retweeted posts and sent pornographic and multi-colored tweets from their accounts when they rolled over the tweets with a mouse. That attack, which came in the form of an Internet worm, exploited a cross-site scripting vulnerability that re-emerged in August with a Twitter site update.