Scrapkut worm fast targeting Orkut users
This is to bring to your notice about a malicious worm "Scrapkut" that has hit most of the social networking sites and is fast targeting Orkut users. Similar attacks on Facebook, MySpace and Yahoo! MediaGrid have also come to light in recent weeks.
How does it work?
A malicious scrap message is posted to victim’s scrapbook containing a fake link to YouTube video looking as if it is from a known member of its friend list.
When the victim clicks on the link, it’s redirected to some malicious website which prompts you to download the file "flashx_player_ 9.8.0.exe" disguised as a flash upgrade and the victim’s whole system comes under the virus attack.
The active Orkut virus was tracked on Friday last week while other viruses have been active on several other social networks for a few weeks now.
On Facebook and MySpace, the user may be caught unaware while uploading photographs. After executing the malicious code, disguised as flash memory, the Scrapkut virus downloads further exe files to perform malicious actions on victim system. The downloaded file exe files copies itself to different locations to ensure its execution on every start-up of infected system.
When a user visits Orkut and starts a session from the infected system, the exe file injects a malicious code into the active Orkut web session. You are under virus attack and your friends end up getting fake mails (ones you never sent) from you.
Precautionary Measures as suggested by cyber security wing of the department of information technology (DIT):
Users should be cautious while visiting any link provided in Orkut or any social networking site
Ensure that the latest patches and fixes are installed for the operating system and application softwares
The antivirus and antispyware signatures should be up-to-date
Do not visit untrusted websites.