Saturday, September 25, 2010

‘Bom Sabado’ scrap bombing in orkut

If you are amongst the few who still give a damn about Orkut, you might have noticed something fishy going on over the past few hours. A large number of users are randomly flooding their friend’s scrapbooks (Orkut’s equivalent of Facebook Wall) with the following message:

Orkut-Hack-Bom-Sabado


It doesn’t take a genius to figure out that the “Bom Sabado!” messages are automatically generated by a script. However, it is not clear if this is simply a script exploiting vulnerability

in Orkut, or have the accounts sending the automated scraps been compromised.
If you are amongst those affected, it’s highly recommended that you follow the steps highlighted below:

Switch to the “older version” of Orkut.
Log out of Orkut.
Clean your browser’s cache and cookies.
Log in and change your password and security question.
If you haven’t been affected yet, it is strongly advised that you avoid Orkut until the issue has been resolved. I managed to trigger the same exploit while researching this article. Recently other high profile websites like Twitter and YouTube also fell victim to XSS attacks.

This is a developing story; we will update this topic as soon as we learn more. In the meanwhile, stay tuned to Techie Buzz and don’t forget to share your experience, if you have also been affected.

No comments:

Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Powered by Blogger | Printable Coupons