21 Dec 2007
A fast-moving worm has infected more than 700,000 users on Google's Orkut social network in just 24 hours.
The Portuguese-language attack exploited a vulnerability in Orkut's scrapbook feature to post malicious JavaScript code on a user's page.
When a user viewed the scrapbook post, the code executed and downloaded a .js file to the user's machine.
The worm then took control of the user's account, sending out copies of itself to all of the user's friends and joining a group called 'Infectados pelo Vírus do Orkut', which translates as 'Infected by Orkut virus'.
The worm does not appear to download any other malicious programs. Security experts said yesterday that the malicious code has been removed from users' pages and the worm has been taken offline.
Symantec researcher Umesh Wanve said that, although the attack was largely benign, it is worrisome because it was triggered simply by loading the user's Orkut profile.
"This worm illustrates how a simple script injection exploit could affect a large social networking site," wrote Wanve in a company blog.
"This worm could have been used for other malicious purposes, such as stealing cookies, exploiting other vulnerabilities or stealing sensitive data."
McAfee researcher Vinay Mahadik expressed similar concerns. "This clearly illustrates the issue with allowing rich content on social/professional networking sites, and not sanitising it enough," he wrote on a company blog.
"The ability to add Flash/JavaScript content to Orkut scraps was only recently introduced."
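The sanitising Mahadik refers to is, in practice, an allowlist rebuild of user content rather than a blocklist of known-bad strings. The following is an added example, not code from the article or from Orkut: it parses a scrap post, keeps only a small set of tags and attributes, discards script/object/iframe content outright and rejects link schemes other than http(s). The sample scrap and the example.invalid URLs are constructed.

```python
from html import escape
from html.parser import HTMLParser
# Allowlist: anything not listed is dropped, instead of blocklisting <script>, on*= and javascript:.
ALLOWED_TAGS = {"p", "br", "b", "i", "u", "a", "img"}
ALLOWED_ATTRS = {"a": {"href"}, "img": {"src", "alt"}}
VOID_TAGS = {"br", "img"}
DROP_WITH_CONTENT = {"script", "style", "object", "iframe"}  # their contents vanish too
SAFE_SCHEMES = ("http://", "https://")

class ScrapSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.dropped, self.skip = [], [], 0

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.skip += 1  # nothing inside this element reaches the output
        if self.skip or tag not in ALLOWED_TAGS:
            self.dropped.append(tag)
            return
        kept = ""
        for name, value in attrs:
            value = value or ""
            if name not in ALLOWED_ATTRS.get(tag, set()):
                self.dropped.append(f"{tag}@{name}")  # e.g. an onmouseover handler
            elif name in ("href", "src") and not value.strip().lower().startswith(SAFE_SCHEMES):
                self.dropped.append(f"{tag}@{name}")  # e.g. a javascript: URL
            else:
                kept += f' {name}="{escape(value, quote=True)}"'
        self.out.append(f"<{tag}{kept}>")

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self.skip = max(0, self.skip - 1)
        elif not self.skip and tag in ALLOWED_TAGS and tag not in VOID_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip:  # text is re-escaped, so it can never turn back into markup
            self.out.append(escape(data))

def sanitize_scrap(raw_html):
    # Returns (clean_html, list_of_dropped_items) for one scrapbook post.
    p = ScrapSanitizer()
    p.feed(raw_html)
    p.close()
    return "".join(p.out), p.dropped

# Constructed sample in the spirit of the Orkut scrap: a fake player image with an event handler,
# a javascript: link, an inline script and an embed (hosts are example.invalid placeholders).
SAMPLE_SCRAP = ('<p>Veja este video!</p>'
                '<img src="http://example.invalid/player.png" onmouseover="alert(1)">'
                '<a href="javascript:alert(1)">play</a>'
                '<script>document.location="http://example.invalid/worm.js"</script>'
                '<embed src="http://example.invalid/worm.swf">')
```

The `dropped` list is worth logging: a sudden spike of stripped `script`/`embed` tags or `javascript:` links across many accounts is exactly the signal a worm like this one produces.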
The First Thing First
I was browsing through my friends list and writing scraps to them, and I found this worm on four out of five friends' scrapbooks, and it had been sent by their trusted friends, some of whom I know too. At first I ignored it because I didn't understand the language it was written in, but when I saw this worm on more profiles I decided to click on it, because I thought it would be something that people are digging nowadays. Then I decided to play the video, and when I moused over it I found that the YouTube player was behaving strangely, and I got suspicious about it. I moused over it again and right-clicked, and got a shock: it was just a snapshot of the YouTube video, because I was able to save the image. I took a look at the status bar and let out some rubbish from my mouth... then I copied the link from the status bar and Googled it. I waited a moment and Google yielded nothing. I tried to warn my friends about it and got disconnected from the net, so today I searched for the new attack, because I knew it was an attack, and got here and wrote this. Whenever you get stuff from a friend, please verify the link and your status bar, and try to copy the link and search for it in the search engines first; if you are really not satisfied with the search results, ask your friend whether he/she really sent it to you or whether it's a script. Don't be in such a rush; your status bar shows you your privacy status or something similar.
Posted by: Arsalan The precious thing 08 Feb 2008