8:55 am (UTC-7) | by Robert McArdle (Senior Threat Researcher)
There appears to be a Web worm that has replicated at an alarming rate through Google‘s Orkut social network in the last few hours.
Infection starts when the user is sent an email telling them that they have a new Scrapbook entry (essentially a guestbook). Upon visiting their page the user sees the text:
“2008 vem ai… que ele comece mto bem para vc”
At last count the group had over 400,000 users who had been infected. A Google translation of the description of the groups reads:
If you came into this community, make sure that no data was stolen and not your will, that is not my goal.
If I are sure at the end of all, this community should is lotada of people
This just to show how Orkut may be dangerous, you came up here without clicking absolutely no link malicious, everything was done reading scraps.”
Luckily for the almost half a million users, this was purely a proof of concept. The possible implications of a more malicious attack in the future however are much more worrying.
Share this article