Sponsored by..

Showing posts with label XSS. Show all posts
Showing posts with label XSS. Show all posts

Sunday 12 April 2009

"Mikeyy Mooney" / StalkDaily.com - someone is lying

The rules of spam are a semi-humorous and semi-serious look at the behavior of spammers.

Well, one hot spam topic is the recent StalkDaily.com XSS attack on Twitter. This cross-site attack basically spams out ads via a victim's contact list, and although it is arguable if this is "hacking", it certainly is spamming.

So, let's look at the "rules of spam" and how they apply in this case.

Rule #0: Spam is theft.
Using Twitter's services to send spam is theft. But perhaps the main financial cost to Twitter is that this kind of rubbish will put people of using the service. Of course, Twitter doesn't actually seem to make any money, but that's another issue..

Rule #1: Spammers lie.
So, when the spam attack took place, some people must have started to make complaints about StalkDaily.com, a domain registered on 22nd March to an anonymous registrant. The owner of StalkDaily.com responded as follows:

For everyone wondering, I did NOT promote and/or was involved with the spamming ON Twitter. All bad things you are hearing about this site is not true. Please reconsider as I am not the person who did this.
So, that clearly states that StalkDaily.com is not behind the XSS attack. So what's going on? Is it a Joe Job? Here's the odd thing.. Joe Jobs normally target established sites (not one less than a month old), and why waste an XSS exploit like this on a Joe Job when Twitter will probably close it?

We didn't have to wait long for an answer:

I have came clean and have accepted the responsibility for the worm, read the interview here, http://www.bnonews.com/news/242.html.

That's kind of 100% different from the last denial. The operator of StalkDaily.com is clearly lying about something, perhaps everything.

Rule #2: If a spammer seems to be telling the truth, see Rule #1.
As we have discovered, StalkDaily.com's denial was proved to be a lie. Or perhaps there denial is a lie. In any case, you should not do business with liars or spammers.

Rule #3: Spammers are stupid.
And this dude is as stupid as they get. Sure, stupid in a very smart kind of way.. but the kind of stupid that doesn't thing what the consequences might be.

Rule #4: The natural course of a spamming business is to go bankrupt.
I can hear the sound of Twitter lawyering up. Hahahah.


The StalkDaily.com website points to a pseudo-news article at BNOnews fingering someone called "Mikeyy Mooney". And there's a large collection of material relating to "Mikeyy Mooney" at sqworl. But is it really "Mikeyy Mooney"? The admission itself comes from whoever operaters StalkDaily.com.. and we have already established that they are a liar. The sqworl documents point to someone in Louisiana.. the BNOnews article says New York. Last time I looked at a map, these were two different places.

Perhaps a closer look at StalkDaily.com's server might be interesting. 74.200.253.195 hosts the following domains:

  • Haxyou.com
  • Michangelomooney.com
  • Stalkdaily.com
Wait.. Michangelo? Is this guy a teenage mutant ninja turtle?

Most of these sites have anonymous WHOIS details, except for Haxyou.com which is registered to some guy called Ryan who appears to be a distinctly different biological entity.

This is the bottom line - the operator of StalkDaily.com is a liar. They may even be lying that they are "Mikeyy Mooney." Perhaps Twitter can do us all a favour and subpoena the domain records before suing this idiot into the ground.