A fast-moving worm infected more than 700,000 users on Google’s social networking site Orkut in just 24 hours. The search giant has reportedly stopped the prolific spam worm launched on Orkut.
The Portuguese language attack exploited a vulnerability in Orkut’s scrapbook feature to post malicious JavaScript code on a user’s page.
On viewing the scrapbook post, the code performed the exploit and downloaded a .js file to the user’s machine.
The worm then took control of the user’s account, sending out copies of itself to all of the user’s friends and joining a group called ‘Infectados pelo Vírus do Orkut’, which translates as ‘Infected by Orkut virus’.
The worm does not appear to download any other malicious programs. Security experts said yesterday that the malicious code has been removed from users’ pages and the worm has been taken offline.
Symantec researcher Umesh Wanve said that, although the attack was largely benign, it is worrisome because it was launched simply by loading the user’s Orkut profile.
"This worm illustrates how a simple script injection exploit could affect a large social networking site," wrote Wanve in a company blog.
"This worm could have been used for other malicious purposes, such as stealing cookies, exploiting other vulnerabilities or stealing sensitive data."
"The ability to add Flash/JavaScript content to Orkut scraps was only recently introduced."