Worm Spreading Fast on Google’s Orkut Social Network

Use Netsparker


A new worm has hit Google’s Orkut and it seems to be hitting it pretty hard, it’s infected via the scrapbook feature and is adding hundreds of thousands of users, similar to the Myspace worm (Samy) that hit in October 2005.

It seems to be fairly unmalicious, more of a ‘look at me – see what I can do’ kind of thing. It’s certainly interested to see that social networking sites are beginning to be the focus of hackers, even if it’s not for money or stealing info..But more of a playground to test their skills.

A fast moving worm is squirming though Google’s Orkut social network, adding hundreds of thousands of users to an Orkut community created by a Brazilian hacker.

The worm, which first appeared on Dec. 19, has been spreading through Orkut’s Scrapbook system at a rapid pace, infecting more than 650,000 users in the space of a few hours.

According to an alert from anti-virus specialist Trend Micro, infection starts when an Orkut user is sent an e-mail telling them that they have a new Scrapbook entry.

I guess you can avoid it by not reading any scraps, or using something like NoScript – which would remove the danger of the JavaScript. But again it comes back to the same old thing, how many average users would even know what NoScript is?

Logging into Orkut, the victim is greeted with Portuguese-language text that reads: “2008 vem ai… que ele comece mto bem para vc.” This translates to “2008 is coming…I wish that it begins quite well for you”.

No interaction is necessary. Simply looking at the scrap starts the infection sequence,” says Trend Micro researcher Robert McArdle.

Once the scrap is viewed, it deletes itself and the victim is automatically added to the “Infectados pelo Vírus do Orkut” community.

Once a user becomes infected, the infected account downloads and executes an embedded Javascript that sends a copy of the original Scrapbook post to all the victim’s contacts.

But yes indeed, it shows the danger of allowing rich user content sanitizing it properly. Haven’t they learned their lessons from what happened at MySpace?

Source: eWeek

Posted in: Malware, Web Hacking

, , , , , ,


Latest Posts:


BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.


5 Responses to Worm Spreading Fast on Google’s Orkut Social Network

  1. goodpeople December 21, 2007 at 10:45 am #

    Seems to me that this is a classic case of “released too early”. Hope the guys at Google do something about it fast..

  2. Nobody_Holme December 22, 2007 at 11:38 am #

    *shrug*

    anyway, merry christmas everyone, i’m off home until the new year, i think.

  3. Orkut_Virus December 30, 2007 at 2:17 pm #

    Theres another kind of orkut virus, here is the screen shots with description:

    http://www.megaleecher.net/Orkut_Auto_Scrap_Virus

    Since all info is pulled from DB’s, I suggest orkut should have some system to automatically disable all msg’s of a particular kind if found illegit.

  4. eM3rC January 6, 2008 at 10:29 pm #

    Poor google, first this then the adsense trojan.

    It seems like hackers are getting into more and more big companies (google being one of the biggest) and using it to wreak chaos.

  5. Jinesh Doshi May 23, 2008 at 7:44 am #

    Thanks for the warning. Now i wont click any such link.