CNET is available in the following editions:

Teen behind Twitter worm chaos lands security job, spreads new worm

By Elinor Mills on 20 April 2009, 10:26am

The teenager who takes credit for the worms that hit Twitter recently has been hired by a Web application development firm and on Friday released a fifth worm on the microblogging site, he said.

Twitter fought off four waves of worm attacks a couple of weeks ago. Twitter users were infected just by clicking on the name or image of someone whose account was infected. The worms appeared to do no damage other than spread to infected users' followers and modify profile pages.

Michael Mooney, a 17-year-old living in Brooklyn, New York, told CNET UK's sister site CNET News that he wrote the worms because he was bored and wanted to bring the security holes to Twitter's attention.

Mooney also grabbed the attention of Travis Rowland, founder of exqSoft in Hammond, Oregon, who has hired the teen.

Rowland told CNET News on Friday that he saw the worms on Twitter and was impressed with Mooney's skills. He then contacted Mooney about performing security analysis. "I saw his Web site and he coded that all from hand and it was pretty impressive -- it was a complete Twitter clone," Rowland said.

After landing the job, Mooney spread the latest worm, which exploits a fifth vulnerability on the site, he said. Asked why he doesn't contact Twitter directly instead of launching the attacks, the graduating high school senior said he had tried but had received no response.

"I just want to let [Twitter] know that my intent is not to aggravate them," Mooney said in a phone interview. "It's probably not the best way, but it's the only way I can reach out to Twitter so they will fix the vulnerability."

The latest worm exploits a cross-site scripting vulnerability and posts messages from infected accounts, referencing celebrities, according to a blog post by Graham Cluley, a senior technology consultant with security firm Sophos.

Rowland blasted Twitter for not adequately protecting its site. "It's a complete failure on their part," he said.

Twitter executives did not respond to an email seeking comment.

You might like these...

Windows 8 on tablets explained by Microsoft

Windows 8 on tablets explained by Microsoft in Crave

Saudi journalist deported for controversial tweet

Saudi journalist deported for controversial tweet in Crave

Post your comment

Make your comment count. Log in or register to skip the 'Are you human?' question and get an avatar

Will not be displayed with your comment

Copy the letters and numbers to prove that you're human. You won't have to do this if you log in or register

Your comment must comply with the Terms of Use

Follow CNET UK

FacebookFacebook Behind the scenes

iPhone AppiPhone App Crave goes mobile

NewslettersNewsletters Highlights by email

TwitterTwitter Stay up to date

RSS FeedsRSS Feeds The latest content

Send Us TipsSend Us Tips Got news? Tell us!

Home

Follow CNET UK

Crave

Reviews

Videos

Downloads

Prices

Partner services

Membership

About Us

About CBS Interactive

Copyright © 2012 CBS Interactive Limited. All rights reserved.