April 17th, 2009

Twitter worm author gets a job at exqSoft Solutions

Posted by Dancho Danchev @ 11:11 am

Categories: Browsers, Exploit code, Hackers, Malware, Passwords, Pen testing, Social Networking Applications

Tags: Job, XSS, Web Application, Worm, Twitter, Mikey Mooney, Cyberthreats, Dancho Danchev, Security, Viruses And Worms

UPDATE: Mikeyy Mooney of Stalk Daily gets Hacked. Here’s more info.

Now that was so fast that even Owen Thor Walker (AKILL) and Michael Calce (Mafiaboy) should envy the short cybercrime-to-job offer cycle here. 17 years old Mikeyy Mooney, the author/spreader of StalkDaily/Mickeyy XSS worm that exploited Twitter through trivial web application vulnerabilities during the weekend, has landed a job as a web applications developer at exqSoft Solutions.

Do you fancy him? I don’t, and so do others. Here’s why you shouldn’t, as well as the implications of what is slowly becoming a dangerous trend.

Image the villains vs cybercrime task force, an internationally recognized team including Romanian phishers, ex-carding kings now politicians, initiators of the first major DDoS attack that hit the most popular web sites in 2000 (including ZDNet) and who else are we missing? Oh yeah, the Pinch malware authors, but “sadly” they’re in jail.

Cutting the sarcasm, this most recent hire indicates an emerging trend and sends a wrong signal. Namely, that conducting unethical pen-testing against a top web property’s web applications in order to put the proof of concept code into action by launching a worm in order to prove the obvious, can indeed land you a job offer. A similar case happened in July, 2008, when a XSS worm at Justin.tv infected 2,525 profiles in order to prove the obvious - the site’s “wormability”. Back then I pointed out the same concern :

Now, proof of concept of what exactly remains questionable, since if the research community was to exploit every site vulnerable to SQL injections or high profile sites vulnerable to critical XSS flaws, in order to embedd a counter within and then come up with fancy graphs saying this is the number of people that could have been affected by this flaw, we would be dealing with more PoCs next to the real security incidents executed by malicious parties.

It’s important to point out that exqSoft Solutions appears to be fully aware of the basics of guerrilla PR campaigns. The company established in 2000 is nowhere to be found in the public space, that’s of course until it hires Mikeyy Mooney to make a mainstream media appearance for the very first time.

Who’s next on the hiring spree? From a web application security perspective, that could easily be the Asprox botnet authors, having SQL injected over 1.5 million pages (500, 000 sites), making Mikeyy’s XSS worm look like a bit of a shy one.