Twitter's Got Worms; Here's What it Means

The twin worms took turns attacking social networking and microblogging site Twitter this weekend, along with what its operators say was a small number of users. For now, the site is still under attack and its security team is working on it.

For the moment, know that those who are hit are only facing momentary embarrassment or aggravation. From first-hand experience (I use Twitter and the StalkDaily worm hit my page on Saturday night,) I can tell you that it was over, and easily corrected, in a few minutes. Twitter said the first round impacted about 100 accounts - - evidently, including mine and, for instance, syndicated talk radio host Tammy Bruce's.

My Twitter page encountered the worm when I clicked on another Twitter page that had been infected; a malicious, cross-site script wormed its way onto my page, sent out bogus messages, and embedded a suspect URL onto my page. In a matter of minutes I deleted the script, changed my page back and, for good measure, re-set my password.

But what was startling was the speed at which pages were impacted, and the fact that Twitter has been on to the worms for three days and has still been unable to cleanse its site completely of the malicious code. With as many as 7 million people around the world using Twitter to communicate, share links and socially network, the prospect that smarter hackers will inject more malicious code onto the site in the coming days, weeks and months could be chilling.

id
unit-1659132512259
type
Sponsored post

As much as businesses have been encouraging employees to use social networking sites like Twitter, they'll now have to reassess what it means for them in terms of IT security risk. As much as individuals have latched onto Twitter as an important new site for communication and social exchange, they may want to keep a wider eye for suspicious behavior and activity. Everybody will need to keep their anti-malware applications up to date and active.

And Twitter will need to find a way to make sure the worm turns and its subscribers don't bolt for more secure sites.