Page last updated at 08:36 GMT, Tuesday, 14 April 2009 09:36 UK

Twitter all clear after worm wave

Twitter was hit by a worm over the weekend

Twitter has been given the all clear after a worm infected "tens of thousands of users". But experts say the attack could have been much worse.

Over the weekend, a self-replicating computer program, or worm, began to infect profiles on the social network.

The worm was set up to promote a Twitter rival site, showing unwanted messages on infected user accounts.

Michael Mooney, a 17-year-old US student, told the Associated Press he created the worm to promote his site.

Mooney, who lives in Brooklyn, New York, said he wanted to expose vulnerabilities in Twitter. He told AP: "I really didn't think it was going to get that much attention, but then I started to see all these stories about it and thought, 'Oh, my God'."

The worm worked by encouraging users to click on a link to the rival Twitter site, called

Once the link was clicked, infected users themselves automatically began to send out messages to friends, promoting the site.

No personal or sensitive information, such as passwords, was compromised in the attacks, according to Twitter, which has more than seven million users.

Mikko H Hypponen, chief research officer at security specialists F-Secure, told BBC News the attack could have been much worse.

"All the problems stayed on Twitter. Even if you were infected, nothing happened to your computer.

"It would have been simple to integrate a web browser exploit into this so that you could have done anything you wanted to the infected computer, including recording all keyboard strokes and capturing credit card details."

Mr Hypponen said he was surprised that the vulnerability had been present in Twitter.

"It was a very basic vulnerability. Similar holes were found in other web social services, such as MySpace and Facebook, quite a while ago.

"I guess Twitter has learned its lesson."

'On alert'

In a blog posting on Monday, Twitter co-founder Biz Stone said: "We are still reviewing all the details, cleaning up, and we remain on alert."

In all, there were four waves of attacks on Twitter.

The website said it had deleted almost 10,000 tweets, or messages, that could have continued to spread the worm.

Mr Hypponen said F-Secure had monitored at least one variant of the worm attack, using a link in a message that pledged to clear up the problem. It had been clicked on at least 18,000 times.

"We would estimate that tens of thousands of users were infected."

He added: "The root cause for these problems is that social networks are interactions with other people and we inherently trust the messages from people we know in real life or virtually.

"So when you get a message from someone on Twitter you trust it because in real life fake messages like this rarely happen."

Twitter has promised to conduct a "full review of the weekend activities".

Print Sponsor

Twitter growth explodes in a year
17 Mar 09 |  Technology
Stephen Fry on joys of Twitter
25 Jan 09 |  Entertainment

The BBC is not responsible for the content of external internet sites

Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit


Sign in

BBC navigation

Copyright © 2018 BBC. The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.

Americas Africa Europe Middle East South Asia Asia Pacific