A new strain of Mikeyy is running rampant on Twitter today and the stream is focusing on little else. Twitter is working on the issue, and while I’m confident they’ll continue to close these loopholes, I’d expect mutations of these worms to continue to be an issue for the next day or two.
Meantime, a lot of people have asked me: how can I tell if I’m infected? There are several ways. And if you are, don’t panic – it’s a pretty simple cure.
Check Your Profile For Tweets You Did Not Send
Visit your profile page on Twitter (mine is http://twitter.com/sheamus). Scan through your tweet timeline for any tweets you did not send. These will say things like ‘Call Mikeyy’ or ‘Twitter, hire Mikeyy!’.
If you see anything like this that you definitely did not send, then you are infected.
Search On Twitter
If you tweet a lot it may take a while to work back through your timeline. An easier way to do this is to open a search query at http://search.twitter.com. Enter your username and Mikeyy within the search box. For example:
Again, if you’ve been discussing Mikeyy this will show up in the search. But you’re looking for tweets you did not send. If you see any, then you are infected.
Check Your Profile HTML Source Code
Go to your profile page, and open up the page source. (This will either be in your view menu, or possibly accessed via a right-mouse click. You’re looking for ‘view source’ or ‘open source’ or similar). These will open the HTML code for your profile page.
Look at it carefully. Do a search (CTRL+F) for ‘Mikeyy’. If you’ve mentioned Mikeyy at all, it will naturally show up in your tweets. But what we’re really looking for is malicious scripts or things added to your profile code within the design area. If you see anything suspicious, chances are you are infected.
Mouseover The Username
This will only work if you’re accessing Twitter through Twitter.com. If you mouseover an infected account’s username you may see some extra code after their name. If so, they are affected. This would work for your own name, too. (Thanks to Mac for the tip. I haven’t seen this happen myself but I have seen some users changing their username after being infected and this might be why.)
Infection isn’t the end of the world. Using the link provided above you can easily remove the Mikeyy worm. You might also like to read my article, “HOWTO: Protect Yourself On Twitter” for more tips on avoiding worm exploits in the future. At the moment, the worms on Twitter don’t pose any serious threat, but this is likely only the beginning.
While Twitter is working hard to close these exploit loopholes – at the time of writing the last Mikeyy auto-tweet seems to have gone out about 30 minutes ago and most of the older ones have been erased – these things typically get a lot nastier, more dangerous and damaging. It shouldn’t in any way ruin your experience within the network, but do take protective measures in the future.