StalkDaily – Twitter users warn each other of worm attack

StalkDaily - Twitter users warn each other of worm attack

Thousands of Twitter users are warning each other about what appears to be a fast-moving attack affecting the system.

Affected Twitter profiles appear to be directing unsuspecting users to the website (Please do not visit this site)

(Some notes about the video above. Yes, I do make a mistake in the video as it’s actually the 12th of April today not the 11th. Sorry about that.)

Curiously, a lot of Twitter users appear to be posting status updates all containing phrases such as :

Dude, is awesome. What’s the fuss?


Virus!? What? is legit!

That last one is particularly sneaky, as it appears to try and discredit the genuine warnings that have been spreading through the micro-blogging site.

Dude, StalkDaily is awesome. What's the fuss?

Ironically, some Twitter users have compounded the problem by posting warning messages about the StalkDaily website on the network, giving a live link to the suspicious website in the process.

Twitter has responded by shutting down the @StalkDaily profile, claiming it has shown suspicious activity, and has reset passwords of Twitter users who it believes have been hit.

Twitter's anti-spam operations comment on StalkDaily

If you believe you may have been affected by this latest attack, don’t just change your Twitter password – make sure you change your credentials on any other site where you may have been using the same password.

Sign up to our free newsletter.
Security news, advice, and tips.

Of course, this isn’t the first time that Twitter users have suffered an attack. Last month, fans of the popular micro-blogging site, were barraged with messages being sent from compromised accounts trying to drive traffic to a pornographic website called ChatWebCamFree.

We’ll post more information as it becomes available. Obviously, in the meantime, it would be wise not to click on any links directing you to

StalkDaily update

Some more information is beginning to emerge about the attack.

The hackers behind the attack planted an additional script into users’ profiles alongside the StalkDaily link, meaning that you could become infected just by viewing an infected users’ details.

You can read more about this in this blog entry by Damon Cortesi.

Denial by

For their part, Twitter has confirmed that what occurred was a cross-site scripting (XSS) attack, spreading links across the system without users’ consent. The site has reassured users that they have taken steps to close the holes that allowed the worm to spread, and that “no passwords, phone numbers, or other sensitive information were compromised” as part of the attack.

In the latest development it is being reported that a 17-year-old man called Mikeyy Mooney has claimed responsibility for the attack.

Although StalkDaily originally denied any involvement in the attack with a statement on their website, this was later replaced with an admission that a newspaper interview with worm creator Mikeyy Mooney was genuine.

Revised statement on website

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.