The attack began around 2 a.m. Saturday from four accounts. Twitter's security team hunted the malicious code and secured compromised accounts throughout the day. Nearly two hundred user accounts were compromised by the worm on Saturday.
Another wave of attacks hit on Sunday, but the blog didn't say how many additional accounts were hit. The company says it removed nearly 10,000 tweets that could have been used to spread the worm.
While the blog post says the attack is contained, other reports say the malicious code is still circulating. One article warns Twitter users not to click on any tweets that reference "Mikeyy" or "StalkDaily."
We'll follow the story and post updates as we get confirmation on Twitter's progress against the worm.