A WORM named SCRAPKUT is fast targeting Orkut users

How dose a WORM named SCRAPKUT targeting Orkut users ?

1) A malicious scrap message which is posted to victim’s scrapbook.

2) Clicking on the link, redirected to some malicious website which prompts you to download the file “flashx_player_9.8.0.exe” disguised as a flash upgrade.

3) The victims whole system comes under the virus attack.

4) When a user visits Orkut and starts a session from the infected system, maindwxp.exe injects Javascript code into the active Orkut web session and executes in context of the Orkut domain and user authenticated session.

5) And your friends end up getting fake mails (ones you never sent) from you, which starts over again.

The cyber security wing of the department of information technology (DIT) has suggested all Orkut users refrain from downloading any fake link to YouTube video looking as if it is from a known member of its friend list, The active Orkut virus was tracked on Friday last week while other viruses have been active on several other social networks for a few weeks now.

Similar attacks on Facebook, MySpace and Yahoo! MediaGrid have also come to light in recent weeks. On Facebook and MySpace, the user may be caught unawares while uploading photographs. After executing the malicious binary code, disguised as flash memory, the Scrapkut virus downloads further binaries-windosre-mote.exe, logservicess.exe and win32chekupdate.exe - to perform malicious actions on victim system. The downloaded file logservicess.exe copies itself as maindwxp.exe to different locations to ensure its execution on every start-up of infected system.

Here's how you can PROTECT YOURSELF

1) Orkut users should remain cautious while visiting any link provided in there scrapbook.

2) Keep anti-virus and antispyware signatures up-to-date.

3) And most important of all do not visit untrusted websites.