In an interview with CNET News, Rowland said that he saw the worms on Twitter and was impressed with Mooney's skills so he contacted him about working for him doing security analysis. After joining the job, Mooney had released yet another Twitter worm.
Surprisingly, as per Mooney, Twitter never responded when he tried contacting them directly. Mooney told CNET News, "I just want to let (Twitters) know that my intent is not to aggravate them. It's probably not the best way, but it's the only way I can reach out to Twitter so they will fix the vulnerability."
If we consider Mooney's defense, then he did try to contact Twitter executives but they never responded. And in response, the kid created a 'benign' worm that didn't compromise password of Twitter users.
Graham Cluley, security analyst at Sophos, pointed out at official Sophos Blog that the new fifth 'Mikeyy' variant worm targets celebrity profile accounts like Oprah, The New York Times and others. The new worm sends messages targeted at new celebs and few of those many messages include:
@oprah - sup? welcome to twitter - mikeyy
@TheEllenShow - hey baby, love me long time? - mikeyy
@nytimes - yep, it's true - mikeyy
@StephenColbert - you funny - mikeyy
@aplusk - hey, homo - mikeyy
@souljaboytellem - your music sucks dude - mikeyy
Cluley criticized Rowland's decision of hiring Mooney and believed that the kid put Twitter users at risk of having their identities stolen or malware installed on their machines by financially-motivated hackers. Such hackers could've used the cross-site scripting exploit that Mooney used.
In defense, Rowland said that Mooney did a favor by alerting Twitter about the security flaws and believes that the kid had a potential white hat hacker career with proper influence and guidance.
After playing a serious security prank online, the security firms hire such 'bored' brains and put them to best use. In Mooney's case it was financially harmless (to users at least) prank that pointed out a flaw.
We aren't sure that playing a security prank on one of the popular sites or services can get you a great job, but it might land you in jail for sure. We hope that the other teenagers do not go the 'Monkeys see, Monkeys do' way following Mooney.
Source: www.techtree.com
