Worm on Google’s Orkut Infects Users Rapaciously
A rapidly spreading Portuguese worm hit Google's Orkut social networking site and infected numerous users. The affected users received an e-mail informing them that another Orkut user had sent them a Scrapbook entry on their profile.
The worm infected users who simply viewed the profile page and added them to the Orkut group called "infectados pelo Virus do Orkut", meaning "infected by the Orkut virus", wrote Kee Hinckley, a blogger at the site TechnoSocial. PCWorld reported this on December 19, 2007.
The infection exploited a security hole created by a cross-site scripting (XSS) flaw in code designed by Google webmasters. XSS flaws allow hackers to inject malware by deceiving a browser into believing that the file sent is from a reliable website.
The group appeared to have over 655,000 members, some of whom might have joined of their own will rather than being forced in by the nasty worm. However, within a few hours, Google closed the cross-site scripting vulnerability that allowed the attack.
The worm came to the notice of Orkut Plus, a website that provides security tips for Orkut users. The site is also a subject of discussion in Google's Orkut help group.
David Maynor, CTO of Errata Security, a security services company, said that such attacks were shifting the model and that it wouldn't be difficult for the Orkut worm's creators to steal a user's Orkut login credentials. The credentials are used for accessing Google calendar accounts and mail, Google web searches and the recent Google map. The Register published this on December 19, 2007.
» SPAMfighter News - 04-01-2008