Advisory: “Mikeyy” Twitter worm has resurfaced – Protect yourself

Chris April 17

0 Comments

162992-twitter_worm_1801For those of you who use the Popular Mobile/Social networking/Microblogging service Twitter, the “Mikeyy” worm is back.

It hit last week, and is a nuisance to twitter accounts, posting unwanted messages on profiles.

The “mikeyy” attack is posting messages on user’s Twitter pages, much like last week’s attack. At the time of writing, it’s still live and posting messages which contain the name “mikeyy”. The messages include the following:

“he’s back. ;) – mikeyy”
“womp. womp. womp.”
“you funny. – mikeyy”

and more.

We’d like to share some advice on Mikeyy, and how to protect yourself, from a Mashable story earlier this week:

How Mikeyy Works

Mikeyy appears to use the same technique as the StalkDaily worm, suggesting that the issue has not been fully fixed: exactly like yesterday’s exploit, it adds an executable script after #color in the CSS. There are multiple user-editable fields in the Twitter settings, and our best guess is that the exploit is using a different field for input.

It appears to be more of a nuisance than malicious at this point – the attacker is pointing out that Twitter has not fully fixed the issue.

What To Do

To prevent infection, it’s smart to:

1. Stop visiting Twitter profiles on the web, since these are the source -

2. You might want use a 3rd party app like TweetDeck (TweetDeck reviews) or Seesmic Desktop (Seesmic Desktop reviews) for now

3. Disable javascript in your browser settings, or use a Firefox (Firefox reviews) add-on like no-script, which stops unwanted scripts from running

If you’re affected by Mikeyy, it’s smart to:

1. In your browser settings, clear your cache and cookies

2. Also in your browser settings, turn off javascript

3. Log into Twitter. Go to your Twitter settings and check for anything suspicious, particularly in the URL or location. If there’s anything there, delete it fully and replace with your actual URL and location.

4. Re-enable javascript and check the Design section of your Twitter profile to make sure there are no changes to your profile colors. If there are, delete these too and replace with whatever colors you want.

5. Delete unwanted Tweets containing Mikeyy

6. As an extra precaution, reset your Twitter password.

7. Log out of your account.

8. Since there are claims that Mikeyy may re-activate on login at Twitter.com, you may wish to continue using Twitter via a desktop client like TweetDeck or Seesmic Desktop, rather than on the web.

If you need help, feel free to send us an @reply on twitter, (our account  is twitter.com/flexilis if you’d like to follow us) and we’ll be glad to give you advice!

-The Flexilis Team

Share with the world:
  • E-mail this story to a friend!
  • Digg
  • Yahoo! Buzz
  • del.icio.us
  • TwitThis
  • Reddit
  • StumbleUpon
  • Facebook
  • Slashdot
  • Google
  • Technorati
Join the Lookout Beta!

Post a Comment

Comments     Basic HTML is allowed (a href, strong, em, blockquote).

NOTE: We'd rather not moderate, but off-topic, blatantly inflammatory, or otherwise inappropriate or vapid comments may be removed. Repeat offenders will be banned from commenting.