Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Worm burrows into Google's Orkut

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Worm burrows into Google's Orkut
Date: Wed, 21 Jun 2006 01:13:32 -0500 (CDT) 
http://www.techworld.com/security/news/index.cfm?newsID=6251

By John E. Dunn
Techworld
19 June 2006

An automated information theft worm has been discovered spreading
through Google's social networking website, Orkut.

Using a URL as the lure, MW.Orc installs itself in an Orkut scrapbook,
a public guestbook where visitors can leave comments or links.  
Infection follows for anyone clicking on this, after which it attempts
to steal banking user names and passwords in trusted phishing style,
should such services be accessed.

The worm also gives criminals the potential to use the infected PC as
a bot for the distribution of pirated movie files.

Written in Portuguese, the link is believed to be designed to hook
Brazilians, the main users of the system. Google is said to have come
up with a temporary patch to stop its activities, although a posting
by FaceTime Security Labs' researchers on blog.spywareguide states
that the worm has been causing problems for some time.

"The idea of problems behind "gated" communities is a pretty
interesting one, even more so when the idea regularly rolls around
that segregating various parts of the Internet to "keep the bad guys
out" would be a great idea. But what happens when those bad-guys are
already inside the gates?," the blog entry continues.

"Sometimes there is a false sense of security and trust that an end
user has in a "gated" community such as Orkut. This is similar to what
we see happening in instant messaging," was the official comment from
FaceTime's Chris Boyd.

A relatively obscure part of the Google empire, the invitation-only
Orkut is said to have been named after its creator, Google employee
Orkut Buyukkokten.



_________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.
www.blackhat.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Worm burrows into Google's Orkut, InfoSec News <=
Previous by Date:  [ISN] UAB Computer Theft Puts Thousands At Risk Of Identity Theft, InfoSec News
Next by Date:  [ISN] Lord battles government over cybercrime laws, InfoSec News
Previous by Thread:  [ISN] UAB Computer Theft Puts Thousands At Risk Of Identity Theft, InfoSec News
Next by Thread:  [ISN] Lord battles government over cybercrime laws, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]