Orkut Sharing

Tuesday, March 11, 2008

A WORM named SCRAPKUT is fast targeting Orkut users

How dose a WORM named SCRAPKUT targeting Orkut users ?

1) A malicious scrap message which is posted to victim’s scrapbook.

2) Clicking on the link, redirected to some malicious website which prompts you to download the file “flashx_player_9.8.0.exe” disguised as a flash upgrade.

3) The victims whole system comes under the virus attack.

4) When a user visits Orkut and starts a session from the infected system, maindwxp.exe injects Javascript code into the active Orkut web session and executes in context of the Orkut domain and user authenticated session.

5) And your friends end up getting fake mails (ones you never sent) from you, which starts over again.

The cyber security wing of the department of information technology (DIT) has suggested all Orkut users refrain from downloading any fake link to YouTube video looking as if it is from a known member of its friend list, The active Orkut virus was tracked on Friday last week while other viruses have been active on several other social networks for a few weeks now.

Similar attacks on Facebook, MySpace and Yahoo! MediaGrid have also come to light in recent weeks. On Facebook and MySpace, the user may be caught unawares while uploading photographs. After executing the malicious binary code, disguised as flash memory, the Scrapkut virus downloads further binaries-windosre-mote.exe, logservicess.exe and win32chekupdate.exe - to perform malicious actions on victim system. The downloaded file logservicess.exe copies itself as maindwxp.exe to different locations to ensure its execution on every start-up of infected system.

Here's how you can PROTECT YOURSELF

1) Orkut users should remain cautious while visiting any link provided in there scrapbook.

2) Keep anti-virus and antispyware signatures up-to-date.

3) And most important of all do not visit untrusted websites.



At March 12, 2008 at 8:11 AM , Anonymous sunil said...

ravish you saved my life...i had got that scrap....but thanks to u that u informed me about it.....

At March 12, 2008 at 10:52 PM , Blogger ravish said...

Thanks Sunil, its good to hear that this post helped someone. Be more careful next time also.

At October 8, 2008 at 6:51 AM , Anonymous Mugdha said...

This was a useful information. You are doing a great job. Your blog is best.

At October 8, 2008 at 7:51 AM , Blogger ravish said...

Thanks mugdha...


Post a Comment

Subscribe to Post Comments [Atom]

Links to this post:

Create a Link

<< Home