Right at this very moment, a cross-site scripting (XSS) worm is spreading like wildfire through Orkut communities, thanks to a flaw in Google's Orkut.
If you've read the following scrapbook entry in Orkut
2008 vem ai... que ele comece mto bem para vc
from one of your friends, you're infected. Simply viewing the message is enough for your Orkut account to be added to a new community named "Infectados pelo Vírus do Orkut" and to become an unwilling new host for the worm. At the time of this writing, the number of Orkut members in Infectados pelo Vírus do Orkut is already at the 400K mark.
According to a posting by the author of this worm, Rodrigo Lacerda, the script is not malicious in any way, except for making you an unwitting participant in his experiment. You can verify this for yourself, as someone has posted the decoded JavaScript source of the script at http://paste.uni.cc/17840. The original is located at http://files.myopera.com/virusdoorkut/files/virus.js. Still, changing your password isn't terribly difficult.
From what I can grasp from scanning through the script, it works like this. First, it adds you to http://www.orkut.com/CommunityJoin.aspx?cmm=44001818. Next, it loads and extracts your entire friends list and sends itself to everyone on it, completing the infection cycle. It is able to do this because Orkut allows HTML to be inserted into scraps.
Apparently "2008 vem ai... que ele comece mto bem para vc" roughly translates to "2008 is coming... may it start really well for you". It doesn't look that way for Orkut's engineers.
Edit: By the way, the excessive traffic generated by this script is partly due to the fact that it keeps retrying against Orkut's servers if it fails on the first attempt to do what it wants (force you into the above-mentioned community and load your friends list).
Update: The original script location now returns an empty file, which should prevent any new infections from now on. Note that while many folks think the Flash file is somehow malicious, I'm quite sure it isn't, because http://www.orkut.com/LoL.aspx (the source of the Flash) doesn't even exist!
The embed code is simply the vector through which the malicious script is loaded: it is crafted so that your browser parses and executes the JavaScript contained in the embed code. Hence the best way to mitigate this is the NoScript extension rather than FlashBlock, since JavaScript is the real culprit here.
By the way, you should thank Rodrigo Lacerda for highlighting this vulnerability in such a manner.
Sources:
[Google's Orkut Hit with a Javascript (Flash?) Worm @ TechnoSocial]
[Orkut XSS @ Sounds From The Dungeon]