TrendLabs - Spammers Targeted Orkut Users
TrendLabs said that during the second week of February 2009, users of social networking site-Orkut- was chosen for a mail scam to execute malware on the user's system.
As per the company, the malware targets the antivirus software, which, in turn, allow extra software to be downloaded on the system. The scam is comparatively easy from other scams: Orkut users get mails that warn them of suspicious activity on their accounts.
One of the e-mails alerts that the user's account has been blocked for containing inauthentic details like copyrighted or non-authorized details. For addressing the issue, they are provided with a link which allegedly carries more details on their account.
Security analysts at TrendLabs inform that on clicking the given link, users are directed to an illegitimate website wherein they are asked to install a file which, probably, is a malware know as TROJ_DLOADER.WKV.
Moreover, the mail says that the users get only 2 days for activating their profile by clicking on the malicious link.
Another scam starts in a similar fashion states that the users receive a mail informing them that their accounts are inauthentic or sending spam. Similar to the first scam, it also includes an attached link to rectify the error and confirm their account. This link also directs users to a harmful site where the malware is offered for installation. For both the situations, TrendLabs suggest users to ignore the inauthentic mails.
In addition, during December 2008, Orkut users were attacked by a Worm that hacked almost 400,000 users. The worm was activated by seeing a harmful scrapbook entry which led to infection and spread to everyone listed in a contact segment of the targeted profile.
Security experts inform that a large number of users and the fact that social networking sites are famous targets for hackers are the two main reasons Orkut is attacked. Lately, Orkut ranked 21st in top 25 social networking sites list of Compete.com. The researchers also comment that social networking sites like MySpace and Facebook are often attacked by hackers.
Related article: Trend Micro Detects Spam Mail Declaring World War III
» SPAMfighter News - 28-02-2009