Twitter worms no threat to users of Kaspersky Lab products

24 Apr 2009
Virus News

Kaspersky Lab announces that its products successfully detect all versions of Net-Worm.JS.Twettir that recently spread on the Twitter social networking site.

Twitter is a free social networking and micro-blogging service that enables its users to send and receive short text messages. The malicious program Net-Worm.JS.Twettir began spreading on Twitter on Saturday, 11 April.

The worm used vulnerabilities in Twitter that allowed it to perform cross-site scripting (XSS) attacks and to modify users’ accounts. Accounts were infected when users visited a modified page on Twitter or when they followed links to a promoted website in messages they believed to be genuine ‘tweets’ from their friends. A JavaScript script was used in the infection process.

Over the next few days, different versions of the worm circulated on Twitter, causing several waves of infections. According to the administrators of Twitter, all the holes on the site have now been closed. There is nothing to suggest that user credentials were stolen or that passwords, phone numbers, and other sensitive information were compromised as a result of the attack.

Growing threat emanating from social networking sites

New York resident Michael Mooney, 17, has admitted creating the worm Net-Worm.JS.Twettir. He told BNO News that he had created the XSS worm "out of boredom". He also added that he wanted to show web developers the vulnerabilities in their products and to promote his own site via the link in the fake Twitter messages.

According to David Emm of the Global Research and Analysis Team at Kaspersky Lab, the new worm does not have sophisticated functionality and is not a real threat because it does not steal personal data. The problem, in his opinion, lies elsewhere: the possibility of launching malicious scripts using such widespread and familiar interactive elements as buttons and links.

“Also, in response to the new XSS-Worms, some web services have been created to supposedly protect the user. But again, these services ask users to just click on a link – while asking their friends to do the same. In other words, they behave in a similar way to malicious programs,” says David.

The Kaspersky Lab analyst also stresses that the Twitter incident is further proof of the growing threat emanating from social networking sites. Kaspersky Lab’s malware evolution report for 2008 stated that the effectiveness of malicious code distribution on social networking sites is about 10 percent, which is considerably more effective than the traditional malware distribution method via email (less than 1 percent). This may be due to the fact that users of such sites are much more trusting and these services fail to provide sufficient protection.

Kaspersky Lab products successfully detect all versions of Net-Worm.JS.Twettir. They also provide effective protection from other script threats that arise when loading Internet sites and when using their interactive elements.

About Kaspersky Lab

Kaspersky Lab delivers the world's most immediate protection against IT security threats, including viruses, spyware, crimeware, hackers, phishing, and spam. Kaspersky Lab products provide superior detection rates and the industry's fastest outbreak response time for home users, SMBs, large enterprises and the mobile computing environment. Kaspersky technology is also used worldwide inside the products and services of the industry's leading IT security solution providers. Learn more at For the latest news on antivirus, anti-spyware, anti-spam and other IT security issues and trends, visit