Unless you live in India, Brazil or the geekosphere, you probably have never heard of orkut, which is Google’s official social network which (sadly) never became popular in the US.
Anyways it seems as if a new virus has hit the service, which isn’t good news (especially with Facebook attempting to dethrone orkut in the nation of a billion minds).
Anyway, as for the Bom Sabado worm, it is a JavaScript based worm that spreads itself through Orkut scraps (the Orkut equivalent of a Facebook wall scribble). The worm is an auto generated message which might look like just another scrap from your buddy. The scrap actually embeds a malicious JavaScript code which infects the profile of the person as soon as he opens the scrap page. Soon after this, the code is executed and it will make the user join bot communities automatically. The worm then starts posting similar scraps to the user’s friends using his name, thereby spreading itself. The worm also steals browser cookies. (TechTree)
While orkut is not a stranger to these types of attacks (after all, even Facebook gets hit with these every once in a while), Google may want to consider curbing the spread of this attack by temporarily freezing accounts affected.
Although orkut will probably have everyone’s scrapbook cleaned up within a few days (or a week at the latest), users should be careful whenever receiving strange links from friends online, and if suspicious should probably pick up the phone and call to verify whether the hyper link is safe.
Originally posted on September 27, 2010 @ 1:19 pm