Home Updated: Google Talk Worm Origin Found?

Updated: Google Talk Worm Origin Found?

“Hey check out this video! http://tinyurl.com/xyz,”; says an old friend by Google Talk IM. Well sure, you think, I’d love to see a video from you – it’s been a long time! Maybe you got an IM like that this afternoon, too. Maybe you got six.

There’s nothing wrong with clicking on such a link, but when the site that loads as a result, Viddyho.com, asks for your Google Talk username and password in order to view the video – then you should know that trouble is afoot. Surprisingly, a whole lot of tech savvy people fell for it today. Update: The Harvard Crimson says it has unearthed the person responsible for the Viddyho worm.

Daniel Carroll reported tonight on the Harvard Crimson newspaper’s site that he did a little tracing backwards, further than other reporters on the story had, and found that a San Franciscan named Hoan Ton-That appears to be responsible for the site that was harvesting the user credentials of worm victims. Ton-That’s web hosting account has been suspended, Carroll reports that he’s learned from the company. The alleged author of the worm didn’t respond to his requests for comment but has a twitter account here and apparently was in this author’s home town of Portland, Oregon just last week. (We were not plotting the attack together, I swear.) Ton-That’s Twitter bio reads: “Anarcho-Transexual Afro-Chicano American Feminist Studies Major” – which sounds like either an immature joke or a pretty bad ass bio to us.

The Tech Issues

We do think there are some big issues to discuss here, too, though.

The fact that many otherwise tech savvy people are falling for this trap shows that legitimate experiments in user authentication (like OpenID) still have a whole lot of explaining to do and secure APIs need more adoption. This could just as easily have been Facebook or Twitter that hijacked your Google Talk account – we give them our passwords and just trust that they won’t.


About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.