Twitter Halts Vulgar Malware Attack - InformationWeek

Offensive tweets about goats hijacked user accounts using cross-site request forgery.

Beware vulgar messages about goats, at least on Twitter. On Sunday, Twitter began warning users that "a malicious link is making the rounds that will post a tweet to your account when clicked on."

The tweet in question turned out to be an attack that "spread vulgar messages [about goats] from many affected users' accounts," said Graham Cluley, senior technology consultant at Sophos.

That message was followed by "WTF" and a link. "Clicking on the WTF link would take you to a webpage which contained some trivial code which used a CSRF -- cross-site request forgery -- technique to automatically post from the visitor's Twitter account," he said.

Twitter users, however, would be none the wiser that they'd just stumbled into a CSRF attack, since after clicking the link all they saw was a blank screen. Meanwhile, the attack had already used the user's Twitter account to post more goat-related messages with malicious links.

"Some high-profile Twitter users, including Robert Scoble, fell foul of the attack," said Cluley. "Of course, having such popular Twitter users affected accelerated the spread of the message."

This attack follows a recent and arguably more dangerous attack that used a cross-site scripting vulnerability to craft a malicious link. All a user had to do was to move his or her mouse pointer over the link, and the malicious code could open pop-up windows or third-party websites.

For the goat-related attack, by late Sunday, Twitter said that it had "fixed the exploit" by disabling the links and was "in the process of removing the offending Tweets."

But Cluley said the underlying CSRF holes are "an obvious security problem in Twitter which must be addressed as a matter of urgency -- otherwise we can expect further, perhaps more dangerous, attacks."
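To illustrate the class of fix Cluley is calling for, here is an added example (not from the article and not Twitter's code) of a server-side check that refuses a status post unless it comes from the site's own pages and carries a token bound to the user's session. The origin `https://social.example`, the `csrf_token` form field and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

SERVER_KEY = secrets.token_bytes(32)        # per-deployment secret (constructed)
TRUSTED_ORIGIN = "https://social.example"   # hypothetical site origin

def issue_csrf_token(session_id: str) -> str:
    """Token bound to one session; the site embeds it in its own forms only."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()

def same_origin(headers: dict) -> bool:
    """Accept only requests whose Origin (or Referer) is the site itself."""
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False                        # no provenance at all: reject
    parts = urlsplit(source)
    return f"{parts.scheme}://{parts.netloc}" == TRUSTED_ORIGIN

def may_post_status(method: str, headers: dict, session_id: str, form: dict) -> bool:
    """Decide whether a request may post on behalf of the logged-in user.

    The session cookie is not proof of intent: the browser attaches it to
    any request sent to the site, including one started by a third-party page.
    """
    if method != "POST":                    # state changes never ride on GET
        return False
    if not same_origin(headers):
        return False
    supplied = form.get("csrf_token", "")
    expected = issue_csrf_token(session_id)
    return hmac.compare_digest(supplied.encode(), expected.encode())

def demo() -> dict:
    """Run the check over two constructed requests for the same session."""
    sid = "constructed-session-id"
    own_form = {"status": "hello", "csrf_token": issue_csrf_token(sid)}
    cross_site = {"status": "unwanted text"}   # third-party page has no token
    return {
        "own_form": may_post_status(
            "POST", {"Origin": TRUSTED_ORIGIN}, sid, own_form),
        "cross_site": may_post_status(
            "POST", {"Origin": "https://elsewhere.example"}, sid, cross_site),
    }

if __name__ == "__main__":
    print(demo())
```

Both constructed requests carry the same valid session; only the one that originates from the site's own form, with the matching token, is accepted.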
