By Ryan Naraine
December 19, 2007
Google's social network is hit by a fast moving worm that is attacking
members of a Portuguese-language community.
A fast moving worm is squirming though Google's Orkut social network,
adding hundreds of thousands of users to an Orkut community created by a
The worm, which first appeared on Dec. 19, has been spreading through
Orkut's Scrapbook system at a rapid pace, infecting more than 650,000
users in the space of a few hours.
According to an alert from anti-virus specialist Trend Micro, infection
starts when an Orkut user is sent an e-mail telling them that they have
a new Scrapbook entry.
Logging into Orkut, the victim is greeted with Portuguese-language text
that reads: "2008 vem ai que ele comece mto bem para vc." This
translates to "2008 is comingI wish that it begins quite well for you".
No interaction is necessary. Simply looking at the scrap starts the
infection sequence," says Trend Micro researcher Robert McArdle.
Once the scrap is viewed, it deletes itself and the victim is
automatically added to the "Infectados pelo Vrus do Orkut" community.
Once a user becomes infected, the infected account downloads and
Scrapbook post to all the victim's contacts.
According to McAfee researcher Vinay Mahadik, the worm is abusing the
that was only recently introduced by Google.
"This clearly illustrates the issue with allowing rich-content on
social/professional networking sites, and not sanitizing it enough,"
Mahadik said in an entry on the McAfee Avert Labs blog.
This is the second major worm attack to take aim at a popular social
network. In October 2005, the Samy worm used cross-site scripting
techniques to spread through MySpace, infecting more than a million
users in less than a day.
Visit InfoSec News