Twitter was hit today by the StalkDaily virus. The long version of the story is in my prior post on the subject, and its comment thread. The super-short version is:
1. Twitter had a virus (or worm) whose main symptom is that your Twitter account sends out tweets like:
Hey everyone, join www. StalkDaily. com. It's a site like Twitter but with pictures, videos, and so much more! :)
2. The virus could be contracted by visiting affected Twitter profile pages.
3. The virus could be cured by ensuring that the URL in your profile (aka settings) page is as it should be. (The URL can be hacked to allow the execution of malicious scripts.) Cleaning up other fields in your settings/profile is also advisable. One can also clear cache, clear cookies, and/or change one's password, but those steps all seem to basically be an abundance of caution.
4. Using non-web Twitter clients appeared to avoid risk of infection.
5. Subsequently, Twitter claimed to close the security hole that permitted the virus to spread.
6. The owner of the StalkDaily website has apparently confessed to creating the attack.
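The profile URL field from step 3, as an added example (not from the original post and not Twitter's code): a rendering routine that concatenates the stored field into markup unescaped, beside a check that accepts only a plain http(s) link and encodes it on output. All function names, the length limit and the sample values are constructed assumptions; the worm's actual payload is not reproduced.

```javascript
// Added example; names and sample values are constructed, not Twitter's code.
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);
const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Encode the characters that can close an attribute value or open a tag.
function escapeAttr(s) {
  return s.replace(/[&<>"']/g, (c) => HTML_ENTITIES[c]);
}

// The 'before': the stored field is concatenated into the page unescaped,
// so a quote in the value ends the href attribute and the rest is parsed as markup.
function renderProfileLinkUnsafe(url) {
  return '<a href="' + url + '">' + url + "</a>";
}

// Returns the normalized URL, or null when the field is not a plain web link.
function checkProfileUrl(raw) {
  // 200 is an assumed length limit for this example.
  if (typeof raw !== "string" || raw.length > 200) return null;
  const value = raw.trim();
  // Control characters, whitespace, quotes and angle brackets have no place in a stored URL.
  if (/[\u0000-\u0020\u007f<>"'`\\]/.test(value)) return null;
  let parsed;
  try {
    parsed = new URL(value);
  } catch {
    return null; // not an absolute URL
  }
  if (!ALLOWED_SCHEMES.has(parsed.protocol)) return null; // e.g. javascript:, data:
  if (!parsed.hostname || parsed.username || parsed.password) return null;
  return parsed.href;
}

// The 'after': validate on the way in, encode on the way out.
function renderProfileLinkSafe(raw) {
  const url = checkProfileUrl(raw);
  if (url === null) return "";
  const encoded = escapeAttr(url);
  return '<a href="' + encoded + '" rel="nofollow">' + encoded + "</a>";
}

// Constructed sample field values.
const samples = [
  "http://example.com/blog?a=1&b=2",
  'http://example.com/"><script src="//example.invalid/x.js"></script>',
  "javascript:alert(1)",
];
for (const s of samples) console.log(JSON.stringify(s), "->", checkProfileUrl(s));
```

The same check can be run over fields already stored, to find profiles whose URL value is not a plain link.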
A slightly longer form of the story -- which I wrote before learning that Twitter claims to have ended the problem -- is:
- That code can be triggered by chicanery in the URL field on somebody's Twitter settings.
- Going to an affected Twitter profile page can infect you. However, if you close your browser tab within three seconds you're safe.
- Until the storm has blown over, this is probably not a good time to check out the profile pages of new followers. For example, I and other folks were infected in just that way, specifically by the account GangsterBoyHah.
Other blogs have picked up on that work, including ReadWriteWeb and perhaps Mashable as well (it's not totally clear who the "we" is in that post who noticed exactly the same things the commenters on my post did). Damon Cortesi appears to have worked out a lot of the details as well.
One thing: While I defer to Mark's perceptions over my own, I do have a couple of qualms about that precise version of the story, namely:
- GangsterBoyHah's Twitter page was seriously malformed. Mine, while I was affected, was not.
- Also, I never detected any problems in my settings.
- It's tough to explain this by the fact that I use PowerTwitter (a Twitter-related Firefox plug-in).