Orkut Attacked By ‘Bom Sabado’ Worm
In the second major XSS (cross-site scripting) attack on a major social networking service this week, after Twitter, Orkut, a social networking site owned by Google, was flooded with “Bom Sabado” scraps. “Bom Sabado” means “Good Saturday” in Portuguese, the official language of Brazil.
According to the discussion on the official Orkut help forum, the worm seems to be posting scraps with the text “Bom Sabado” and adding affected users to new Orkut groups. Similar XSS attacks have targeted Orkut users in the past too. Experts have advised users to avoid logging on to Orkut until Orkut engineers fix the security hole, and not to click on any suspicious links. Orkut announced new updates to the website just last month.
If you are an Orkut user and have received a “Bom Sabado” scrap from one or more of your friends, then you are under attack and you should clear your browser cookies, history and cache. You should also change your password and password retrieval questions by visiting https://www.google.com/accounts/ManageAccount?hl=en. Switch back to old Orkut and then delete the “Bom Sabado” scrap. Avoid visiting profiles of friends who are infected or who have sent you the scraps. If you are a Firefox user, use the NoScript add-on. More information can be found here.
tptools.org/worm.js. On investigating, we have found that the site is now suspended by its host.