Interview With Michael Mooney, the StalkDaily Twitter Worm Creator


Here are some unanswered questions, put to the creator of the StalkDaily Twitter worm, that you might want to read. Thanks to NetDailyNews.

NND: Do you have Twitter?

MM: I did, but they are now all suspended.

NND: How long did it take you to create the

MM: Around 2 hours. I created it last night.

NND: And why did you create the worm?

MM: Out of boredom. It was the middle of the night and I had nothing else better to do. I noticed the XSS vulnerability about a week back and decided to fiddle with it.

NND: How was the code behind the worm found?

MM: Well, when most of the users get infected with the "worm", it auto-updates their profile with the script for the JavaScript (XSS) and I guess from that someone decided to take a look into the input fields of Twitter and noticed something.

NND: When do you plan to deactivate the worm?

MM: As soon as they are able to sanitize their fields correctly, or promptly address me to remove it.

NND: So Twitter has not yet contacted you about this?

MM: Not at all.

(Hm... is this just plain Twitter ignorance, as always?)

NND: Do you realise that you've angered and upset a lot of people?

MM: Yes, I have realised that. I feel pretty bad about it, but it's not me that left the vulnerability out in the open. I could be storing their data for bad, yet I am just posting data from their account which will quickly address Twitter that something is wrong. Though if no one were to do something, quickly, someone else could do something like me but store data, such as their email, name, mobile number and use it for future spamming.

NND: There is a new worm floating around Twitter, which forces users to post Tweets saying that you "own". Is that all that the new worm does?

MM: No, right now the worm only grabs the user's auth token from their browser using JavaScript, then updates their profile with the worm's script, then updates their status, then follows a user.

NND: Which user does it follow?

MM: @onedegrees

NND: Will you be releasing any more worms?

MM: I'm not sure, depends on if Twitter sanitizes their fields.

NND: Is there any way to stop the Tweets?

MM: I don't think so, you could disable JavaScript to prevent the XSS from being executed.

NND: The worm also removes the backgrounds of Twitter users' pages?

MM: Yes, the new one does. It was another XSS I found.

NND: Do you realise you could be arrested for this?

MM: Yes, I'm aware. I'm not worried though. I know that it could land me in jail.

After this, Mikey signed off and told us that we are "as annoying as f**k".