Yesterday, Twitter was hit by a really nasty exploit. A worm, apparently originating from the owners of the website StalkDaily.com (even tho they claim they did not do it, do not visit this site for the time being), that can infect users simply by visiting a friend’s profile on Twitter.com.
Twitter said they have taken steps to remove the holes that allowed this worm to spread, but I have still seen some of the affected accounts after that.
The code for infecting Twitter accounts resides on Twitter pages themselves. The malicious code is apparently hidden somewhere in the bio section of the affected profiles. You don’t have to click anything to get infected, simply visiting the compromised profile can get you infected with this worm.
BNOnews reports: 17-year-old claims responsibility for Twitter worm.
What to do if your account has been hijacked?
- Turn off Java in your browser and clear out your cache and cookies.
- In your Twitter account switch your bio back to normal.
- As a precaution, change your Twitter password.
To prevent infection in future
Avoid visiting Twitter profiles until the issue is fixed. Both StalkDaily and Mikeyy are spreading by visiting user profiles on the web. You can’t do this in a Twitter client, so I suggest using a Twitter client like TweetDeck or similar.
Affected Twitter accounts tweet stuff about Mikeyy and StalkDaily.com. Don’t click on anything to do with either Mikeyy or StalkDaily.com.
