View Single Post
Old 06-16-2006, 12:06 PM   #1
Steve_S
I am a Contributing Geek. Are You?
 
Steve_S's Avatar
 
Join Date: Aug 1998
Location: Las Vegas, Nevada, USA
Posts: 5,224
Exclamation Data-Theft Worm Targets Google's Orkut

Wayne Porter and Chris Boyd (Paperghost) of FaceTime Security Labs have just discovered and documented a VERY nasty Worm which is primarily targeted at Brazilian users of Orkut. A few thoughts:

Google's Orkut is a twist on the MySpace model. It's a closed, by invitation only, social Networking site which in theory is designed to keep the bad guys out. "The sad fact is, large concentrations of end-users in a confined space are like the world's biggest honeypot to a social engineer."

Iv'e observed lots of abuse in this space on MySpace and frankly think that all of these sites are a huge magnet for every low life on the planet who wishes to engage in password theft, ID theft, Spyware/Malware, Spam, and zombies for a botnet.

Boyd and Porter have documented the following actions by this nasty worm:

- Keylogging
- Deposited user into a Botnet. File sharing stolen content
- Stealing log in data for your bank accounts and other sites
- Spyware infection
- False time stamps and a back dating worm

The entire story with additional details, screen grabs, and videos is located at:

http://blog.spywareguide.com/2006/06...ts_goog_1.html

If you and or your kids use any social networking site you MUST take precuations. As Boyd points out, this is just the tip of the iceburg.

Last edited by Steve_S; 06-16-2006 at 12:09 PM.
Steve_S is offline   Reply With Quote