Twitter Hit With Second Worm In a Week
adeelarshad82 writes "Days after a site update unleashed a Twitter cross-site scripting attack, the micro-blogging site was again hit with a bug that spread via questionable links. The offending messages appeared on a user's Twitter feed with 'WTF:' followed by a link. If you clicked on that link, you were taken to a blank page, but behind the scenes, the worm would post vulgar messages on your account that discussed, well, sex involving goats."
Re:where is that goatsex link when you need it? (Score:5, Informative)
WTF: Goatse [goatse.fr]
Re:I guess this script is baaaad for you. (Score:5, Informative)
For those not in the know:
OWASP Cross Site Request Forgery Prevention Cheat Sheet [owasp.org]
Re:I guess this script is baaaad for you. (Score:5, Informative)
This post explains it quite well: http://www.andrewnacin.com/2010/09/26/csrf-twitter/ [andrewnacin.com]
Essentially, just create one or more iframes, with the iframe source set to http://twitter.com/share/update?status=WTF+PAYLOAD [example.com]
As long as you're logged into Twitter via the web, it will auto-post that update without any request for permission from you.
Re:Great - more 4Chan? (Score:5, Informative)
Or you could install this GM script [userscripts.org] which expands them to the real URL without actually loading it.
Re:where is that goatsex link when you need it? (Score:3, Informative)
Next up: Twitter worms that discuss Natalie Portman naked and petrified, GNAA trolls and of course the classic penis bird.