A fast moving worm is squirming though Google''s Orkut the social networking site, adding hundreds of thousands of users to an Orkut community created by a Brazilian hacker. Social networking is a phenomena defined by linking people to each other in some way.
The worm, which first appeared on Dec. 19, has been spreading through Orkut''s Scrapbook system at a rapid pace, infecting more than 650,000 users in the space of a few hours.
According to an alert from anti-virus specialist Trend Micro, infection starts when an Orkut user is sent an e-mail telling them that they have a new Scrapbook entry.
Logging into Orkut, the victim is greeted with Portuguese-language text that reads: ''2008 vem ai que ele comece mto bem para vc." This translates to "2008 is coming; I wish that it begins quite well for you."
No interaction is necessary. Simply looking at the scrap starts the infection sequence, says Trend Micro researcher Robert McArdle.
Once the scrap is viewed, it deletes itself and the victim is automatically added to the ìInfectados pelo VÌrus do Orkutî community.
Once a user becomes infected, the account downloads and executes an embedded Javascript that sends a copy of the original Scrapbook post to all the victim''s contacts.
According to McAfee, the worm is abusing the ability to add JavaScript content to Orkut Scrapbook entries, a feature that was only recently introduced by Google.
This is the second major worm attack that has targeted at a popular social network. It should be noted that the social networks have always remained a ''good'' target for such malicious activities. In October 2005, the Samy worm used cross-site scripting techniques to spread through MySpace, infecting more than a million users in less than a day. -eWEEK
More reviews about the http://jang.com.pk/thenews/jan2008-weekly/cyber-03-01-2008/index.html