21 December 2007 | 5,406 views

Worm Spreading Fast on Google’s Orkut Social Network

Prevent Network Security Leaks with Acunetix

A new worm has hit Google’s Orkut and it seems to be hitting it pretty hard, it’s infected via the scrapbook feature and is adding hundreds of thousands of users, similar to the Myspace worm (Samy) that hit in October 2005.

It seems to be fairly unmalicious, more of a ‘look at me – see what I can do’ kind of thing. It’s certainly interested to see that social networking sites are beginning to be the focus of hackers, even if it’s not for money or stealing info..But more of a playground to test their skills.

A fast moving worm is squirming though Google’s Orkut social network, adding hundreds of thousands of users to an Orkut community created by a Brazilian hacker.

The worm, which first appeared on Dec. 19, has been spreading through Orkut’s Scrapbook system at a rapid pace, infecting more than 650,000 users in the space of a few hours.

According to an alert from anti-virus specialist Trend Micro, infection starts when an Orkut user is sent an e-mail telling them that they have a new Scrapbook entry.

I guess you can avoid it by not reading any scraps, or using something like NoScript – which would remove the danger of the JavaScript. But again it comes back to the same old thing, how many average users would even know what NoScript is?

Logging into Orkut, the victim is greeted with Portuguese-language text that reads: “2008 vem ai… que ele comece mto bem para vc.” This translates to “2008 is coming…I wish that it begins quite well for you”.

No interaction is necessary. Simply looking at the scrap starts the infection sequence,” says Trend Micro researcher Robert McArdle.

Once the scrap is viewed, it deletes itself and the victim is automatically added to the “Infectados pelo Vírus do Orkut” community.

Once a user becomes infected, the infected account downloads and executes an embedded Javascript that sends a copy of the original Scrapbook post to all the victim’s contacts.

But yes indeed, it shows the danger of allowing rich user content sanitizing it properly. Haven’t they learned their lessons from what happened at MySpace?

Source: eWeek



Recent in Malware:
- Microsoft’s Anti-Malware Action Cripples Dynamic DNS Service No-IP
- Pirated ‘Watch Dogs’ Game Made A Bitcoin Mining Botnet
- Hook Analyser 3.1 – Malware Analysis Tool

Related Posts:
- The First Reported Facebook Worm/Malware Pops Up – Secret Crush
- Google’s Orkut Hit by Data Stealing Worm – Mw.Orc
- Email Worm Spreading Like Wildfire – W32.Imsolk/VBMania Variant

Most Read in Malware:
- Nasty Trojan Zeus Evades Antivirus Software - 77,291 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,440 views
- US considers banning DRM rootkits – Sony BMG - 44,924 views

Low-cost VPS Hosting

5 Responses to “Worm Spreading Fast on Google’s Orkut Social Network”

  1. goodpeople 21 December 2007 at 10:45 am Permalink

    Seems to me that this is a classic case of “released too early”. Hope the guys at Google do something about it fast..

  2. Nobody_Holme 22 December 2007 at 11:38 am Permalink

    *shrug*

    anyway, merry christmas everyone, i’m off home until the new year, i think.

  3. Orkut_Virus 30 December 2007 at 2:17 pm Permalink

    Theres another kind of orkut virus, here is the screen shots with description:

    http://www.megaleecher.net/Orkut_Auto_Scrap_Virus

    Since all info is pulled from DB’s, I suggest orkut should have some system to automatically disable all msg’s of a particular kind if found illegit.

  4. eM3rC 6 January 2008 at 10:29 pm Permalink

    Poor google, first this then the adsense trojan.

    It seems like hackers are getting into more and more big companies (google being one of the biggest) and using it to wreak chaos.

  5. Jinesh Doshi 23 May 2008 at 7:44 am Permalink

    Thanks for the warning. Now i wont click any such link.