Twitter Hit With Second Worm In a Week - Slashdot

Follow Slashdot stories on Twitter

×

Twitter Hit With Second Worm In a Week 97

Posted by CmdrTaco on Monday September 27, 2010 @12:55PM from the security-is-hard dept.

adeelarshad82 writes "Days after a site update unleashed a Twitter cross-site scripting attack, the micro-blogging site was again hit with a bug that spread via questionable links. The offending messages appeared on a user's Twitter feed with 'WTF:' followed by a link. If you clicked on that link, you were taken to a blank page, but behind the scenes, the worm would post vulgar messages on your account that discussed, well, sex involving goats."

This discussion has been archived. No new comments can be posted.

Twitter Hit With Second Worm In a Week

Search 97 Comments Log In/Create an Account

Comments Filter:

Re:where is that goatsex link when you need it? (Score:5, Informative)

by ShaunC ( 203807 ) writes: on Monday September 27, 2010 @01:03PM (#33713504)

WTF: Goatse [goatse.fr]

Parent Share
twitter facebook
Re:I guess this script is baaaad for you. (Score:5, Informative)

by Bill, Shooter of Bul ( 629286 ) writes: on Monday September 27, 2010 @01:04PM (#33713524) Journal

No. This is a Cross site Request Forgery attack. The Script in this case, was on the linked site, not in the tweet.

For those not in the know:

OWASP Cross Site Request Forgery Prevention sheet Sheet [owasp.org]

Parent Share
twitter facebook
Re:I guess this script is baaaad for you. (Score:5, Informative)

by nacturation ( 646836 ) * writes: <nacturation AT gmail DOT com> on Monday September 27, 2010 @01:50PM (#33714166) Journal

This post explains it quite well: http://www.andrewnacin.com/2010/09/26/csrf-twitter/ [andrewnacin.com]
Essentially, just create one or more iframes, with the iframe source set to http://twitter.com/share/update?status=WTF+PAYLOAD [example.com]
As long as you're logged into Twitter via the web, it will auto-post that update without any request for permission from you.

Parent Share
twitter facebook
Re:Great - more 4Chan? (Score:5, Informative)

by icebraining ( 1313345 ) writes: on Monday September 27, 2010 @02:15PM (#33714528) Homepage

Or you could install this GM script [userscripts.org] which expands them to the real URL without actually loading it.

Parent Share
twitter facebook
Re:where is that goatsex link when you need it? (Score:3, Informative)

by Jedi Alec ( 258881 ) writes: on Monday September 27, 2010 @03:19PM (#33715290)

Next up: Twitter worms that discuss Natalie Portman naked and petrified, GNAA trolls and of course the classic penis bird.

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

692 commentsMen Overran a Job Fair For Women In Tech
501 commentsGoogle Workers Protest Cloud Contract With Israel's Government
472 commentsHow Electric Cars are Already Upending America
446 commentsInternet Access in Gaza is Collapsing as ISPs Fall Offline
424 commentsConservatives Bombarded With Facebook Misinformation Far More Than Liberals In 2020 Election, Study Suggests

Understanding is always the understanding of a smaller problem in relation to a bigger problem. -- P.D. Ouspensky