<<< NEWS FROM THE LAB - Wednesday, September 22, 2010 >>> ARCHIVES | SEARCH Twitter onMouseOver Spam Posted by Sean @ 18:05 GMT The first of yesterday's Twitter onMouseOver worms was started by Magnus Holm.



His version of onMouseOver worm did nothing more spread itself and could be deleted. And because it merely spread itself, Holm considers his version of the worm to have been harmless. Many authors of yesteryear's Internet worms thought the same.



Unfortunately, a "harmless" worm doesn't stay harmless for very long and there soon came a more aggressive onMouseOver worm, written by a seventeen-year-old using the alias Matsta.



Here's a screenshot of his now suspended Twitter account:







Can you see the two bit.ly links in his feed of tweets?



They were clicked several thousand times.











And where do the links go? — Surveys.



Matsta is a spammer driving traffic towards the CPAlead.com affiliate network.



CPAlead affiliates are paid up to a buck or more per "lead".



Here's an iPad offer:







And here's advice on how to unhack Twitter:







If you fill out a survey and provide your e-mail address, or download a toolbar, or sign up for an SMS ($/�) service, you'll then be directed to Ask Dave Taylor.



Matsta isn't even providing original content, he's just a proxy, promoting surveys and earning himself money in the process.



Another one of the tweets in Matsta's feed mentioned DanielFarley:







And one of Farley's tweets refers to this recently created Facebook Page:







Gascoigne's site at matsta.org Rick Rolled visitors yesterday.



Today, there's a blog:







Matsta writes:



"I'm going to post my full account of what happened on Twitter this morning."



It should be quite interesting to see what he has to say for himself.



Hopefully Twitter's lawyers are taking notes…









