A new Twitter worm circulated quickly Sunday afternoon, affecting thousands of accounts, just days after the "OnMouseOver" hack hit hundreds of thousands.
Sunday's worm creates a tweet with obscene language on your account, in addition to a separate tweet that says "WTF" with a link. The link is wrapped in Twitter's URL shortener "t.co," and as others click it, it further spreads the worm.
Entrepreneuer @stephenou was among victims of the hack after clicking one of the affected t.co links. He tweeted shortly thereafter, "PEOPLE: STOP CLICKING THE PASTEHTML.COM LINK!"
Also affected was tech blogger @Scobleizer, who then tweeted, "DO NOT CLICK ON ANY Tweet or links WITH "WTF" IN IT! You'll look stupid like I did! :-)"
The affected tweets are being tweeted via the "Tweet Button," and it is automatically generated on your account once you click the bad link.
UPDATE: Twitter's Support says, "A malicious link is circulating that will post a Tweet to your account when clicked on. We've disabled the link and are resolving the issue." An employee tweeted shortly after, "Dear all, the exploit has been fixed."
