saturday night unspecial: stalkdaily worm hits twitter.

Is it possible to create a viral script that can invade your account just by mousing over a link? Having encountered the StalkDaily virus, I’m sorry to say the answer appears to be yes.

Happened earlier this evening as I visited accounts of new people who had started following me on Twitter. One thing I look for in a profile is whether the user has a blog, and I saw that one (a fellow Mariners fan; hasn’t she suffered enough) had her home page listed as http://www.stalkd… (with a character limit). Curious what kind of blog name that may be, I moused over it, which usually reveals a link name in the bottom left of my Firefox browser. No name appeared. That should have been my first indication something was amiss.

I returned to my Twitter page and after a refresh saw that my account was listed as telling other people to visit StalkDaily[-dot-]com. Repeatedly. I was confused. So I clicked onto my profile page and saw that this address was now listed as my Web home page. Somehow, just by the mouseover enabling some JavaScript function (if that’s the right word; I’m not hardcore technical at all), my listed home page changed and some kind of feed bringing these messages through my Twitter account had become enabled. The simple and insidious nature of the invasion struck me as quite breathtaking.

To mitigate, I deleted those tweets, changed my Web page back, created a new password and logged out. I found other sites that recommend clearing your cache and your cookies as well, so I complied as best I could. The Twittercism blog gives more information, and TechCrunch says it appeared to be an XSS attack. Great. New acronyms to fear.

Interesting that the viral attack was counterattacked via viral marketing, as a few Tweeps started warning everyone about it and then the information was retweeted (RTed) around the Twitterverse. If there are heinous folks out there figuring out ways to infect us when we merely mouse over a link — until now not a harmful maneuver — it’s good to know that the human desire to help and warn one another is as strong as ever.


4 responses to “saturday night unspecial: stalkdaily worm hits twitter.”

  1. Ron

    It’s one of the reasons that Twitter bothers me. It doesn’t provide context. If I read tweets on my phone, I can’t often go directly to the links if I’m using a 3rd party tool and the shorter URLs are the culprit.

    I think it’s going to kill the party before it really gets going, if they don’t find a way to fix it.

    Sorry it happened to you, but glad you were able to nip it in the bud, at least.

  2. Jess

    Ugh. Great. Twitter’s reached the point where pple are going to pull this crap. Hope yer account is ok!😦

  3. insidetimshead

    RON: I think that’s what shocked me the most; if this was an invasion triggered by a mouseover, are we safe in the world of truncated URLs? Moreover, links are how we navigate the Web; to not trust any links (even to mouse over) is like closing down the best roads!

    JESS: It seems to be righted. You rest assured any future annoying Tweets are actually my own annoying messages!

  4. lizzy

    Gah! I saw it in the Twitter trending topics so I clicked on it to see what it was. Then I googled it because I didn’t know what it was. By that point it might have been too late. Luckily I don’t have a bio of any sort on my Twitter, which seems to be where it’s popping up. I did all the security stuff, though – cleared my cache, cleared cookies and reset my password. It seems like some people work awfully hard simply to irritate other people.
