Early Bird Catches the Twitter Worm

Twitter users who were up early on the Saturday morning of the Easter weekend would have been the first to catch the Twitter worm. This story has been the tweet of the town over the past couple of days and while it hasn’t succeeded in putting Twitter to bed, it has had it down with a small case of the black lung!
 
What actually happened?

The story starts with a young bored teenager, Michael Mooney, who was sick of the success of Twitter and the failure of his copycat site Stalkdaily.com. One late night he unleashes a worm of his own creation onto Twitter which grew quickly to infect over 10 thousand twitter profiles.

So what?

While the worm was relatively benign and no sensitive user information (such as passwords or phone numbers) were compromised, it does bring certain questions regarding Social Media safety into the limelight.

A worm resulting in tweets sent from your profile can have the same damaging effects as some little jokester sending “funny” messages from your Facebook  profile to your friends. It’s not only Twitter that has been sensitive to an attack such as this one.  In 2007 MySpace  fell victim to a similar attack from the Samy worm.

This story leaves me wondering how secure Social Media sites really are. What this attack revealed is that there are possibilities for abusing the system. Is it not just a matter of time before Mikeyy or someone of his type creates a worm that can access personal information? And once passwords are compromised can any tweet be trusted? For now it seems that social networks are fairly safe and that only through guessing can someone obtain your password.

There are a few practical ways to protect your sensitive information:

• Use long passwords of at least 8 characters that contain both letters and numbers. Where possible use special characters such as &,# or %.
• Change your passwords every 2- 3 months so that if a hacker knows your password they can’t use it forever.
• Avoid giving out your phone number and be selective about what sensitive information you share even inside your account.
• Choose your networks wisely - don’t sign up to unknown social network space.
• Always use virus software.
•  Use Firefox instead of Internet Explorer. Firefox is by far superior and Internet Explorer is considered to be insecure.
•  Use your common sense, if it looks too good to be true it probably is!

Well, have we learnt something?

Beyond making us aware of basic security habits there are a couple of ORM lessons to be taken away from this little tale. The general feeling amongst the tweeters this past week has been one of irritation. While Twitter has tried to communicate the situation through their official blog it seems that their efforts have fallen short. Twitter needs to speak directly to users and update them constantly on the situation. Let’s just hope that Twitter does not fall victim to doing “too little too late”.

Tweets conveying insecure thoughts regarding the safety of Twitter.

Mikeyy (the author of the worm) told reporters that his worm was an attempt to steal clients away from Twitter and to shamelessly promote his own microblogging site. Well Mikeyy, you were definitely talking to the right audience, just doing so in the wrong language! Twitter users are way too tech savvy to take a clear privacy and safety violation on the chin.

Twitter users express their views towards StalkDaily.com

We’re not yet sure what the overall effect of the Mikeyy worm will be on new and old Twitter users. If Twitter monitors their online reputation like they should they will realise the need for direct conversation. As for Mikeyy, the latest headline about him suggests he’s done well off the event: “Write a Twitter Worm, Get a Job?” The future looks bright for Mikeyy as there are no reports of Twitter taking legal action against the young hacker.  Having said this I still think that the reputation of StalkDaily.com will be forever tainted by this wormy ordeal.