View Single Post
Old 06-16-2006, 11:06 AM   #1
I am a Contributing Geek. Are You?
Steve_S's Avatar
Join Date: Aug 1998
Location: Las Vegas, Nevada, USA
Posts: 5,224
Exclamation Data-Theft Worm Targets Google's Orkut

Wayne Porter and Chris Boyd (Paperghost) of FaceTime Security Labs have just discovered and documented a VERY nasty Worm which is primarily targeted at Brazilian users of Orkut. A few thoughts:

Google's Orkut is a twist on the MySpace model. It's a closed, by invitation only, social Networking site which in theory is designed to keep the bad guys out. "The sad fact is, large concentrations of end-users in a confined space are like the world's biggest honeypot to a social engineer."

Iv'e observed lots of abuse in this space on MySpace and frankly think that all of these sites are a huge magnet for every low life on the planet who wishes to engage in password theft, ID theft, Spyware/Malware, Spam, and zombies for a botnet.

Boyd and Porter have documented the following actions by this nasty worm:

- Keylogging
- Deposited user into a Botnet. File sharing stolen content
- Stealing log in data for your bank accounts and other sites
- Spyware infection
- False time stamps and a back dating worm

The entire story with additional details, screen grabs, and videos is located at:

If you and or your kids use any social networking site you MUST take precuations. As Boyd points out, this is just the tip of the iceburg.

Last edited by Steve_S; 06-16-2006 at 11:09 AM.
Steve_S is offline   Reply With Quote