« Two XSS Worms Slam Twitter | Main | Microsoft April patch tuesday addresses 8 security issues »

Twitter response to xss worm attack

Twitter has posted an entry on it's xss worm issues this weekend.

"On a weekend normally reserved for bunnies, a worm took center stage. A computer worm is a self-replicating computer program sometimes introduced by folks with malicious intent to do some harm to a network. Please note that no passwords, phone numbers, or other sensitive information was compromised as part of these attacks.

The worm introduced to Twitter this weekend was similar to the famous Samy worm which spread across the popular MySpace social-networking site a while back. At that time, MySpace filed a lawsuit against the virus creator which resulted in a felony charge and sentencing. Twitter takes security very seriously and we will be following up on all fronts.

At about 2AM on Saturday, four accounts were created that began spreading a worm on Twitter. From 7:30AM until 11AM PST, our security team worked on eliminating the vectors that could identify this worm. At that time, about 90 accounts were compromised. We identified and secured these accounts.

Later in the afternoon, a second wave of the worm hit Twitter and this time it was much more intense. "

Read more: http://blog.twitter.com/2009/04/wily-weekend-worms.html


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!