How to Keep Safe and Remove Twitter Worm

by on April 18th, 2009

The malicious worm “Mikeyy” or “Stalkdaily” (similar to the Samy worm that infected MySpace in 2007) affecting Twitter is active again. Twitter is taking action against the problem but it seems like the problem will remain further over the network for one more week. This is the fourth attack so far. The worm, “Mikeyy” or “StalkDaily”, was created by a 17-year-old Mike Mooney which generates thousands of spam messages containing the word “Mikeyy.” The messages are sent from infected accounts, without the owners’ knowledge.

Mikeyy posts messages as like followings:

– Mikeyy I am done
– MikeyyMikeyy is done
– Twitter please fix this, regards Mikeyy
– Twitter should really fix this

How to keep safe from Mikeyy
  • Do not click on any links from messages containing the words “Mikeyy” or “Stalkdaily.”
  • Use third-party Twitter desktop clients like Seesmic Desktop, Twhirl (for PC) or TweetDeck (for Mac).
  • Do not use the Web-based version of Twitter
  • Do not see user profiles (profiles might be infected)
  • Disable JavaScript in your browser.
  • Use the no-script add-on for Firefox, which stops any unwanted scripts from running
  • If your Twitter account is infected, do not retweet any of the fake messages
  • Clear your browser cache and turn off JavaScript
  • Log into Twitter and delete any messages your profile automatically posted that contain the word “Mikeyy”. Turn JavaScript back on so you change your bio and URL, and reset your color scheme from your profile.
  • Change your password as an extra precautionary measure
  • Log out of your account and you can continue using Twitter via a desktop client

If your account is infected it will begin to send spam messages. Your followers would become infected also and the worm’s infection rate would grow.
F-Secure was able to track the worm. According to the company, the variant of the worm mostly affected users in the United States and was clicked on well over 18,000 times. F-Secure’s chief research officer, Mikko H. Hypponen, told the BBC the attack could have been much worse as it would have been a simple trick for malware authors to modify the worm to infect a user’s computer, where more serious offenses like identity theft could have occurred.