How to access Orkut in spite of Bom Sabado and stop Scrap Flooding
If you have logged in to Orkut today, you may have come across "Bom Sabado!",
which means "Good Saturday" in Portuguese. It is malicious code or a
cookie-stealing virus spreading on Orkut, which floods your friends'
scrapbooks with scraps saying "Bom Sabado!". This is a major XSS
(cross-site scripting) attack, which was also observed back in February.
Orkut officials haven't given any details, but various sources on the web
have confirmed that it is a worm that injects a hidden iframe containing a
malicious JavaScript (.js) file [do not click this], which steals the user's
cookie, which contains the password in an encoded form. We cannot confirm
whether Bom Sabado is a virus or not, but whoever is infected should clear
their cookies and change their password immediately from here.
How to access Orkut and stop Bom Sabado?
The attacker does not get to know your plain-text password but can log in
with your credentials by using the cookie to impersonate you and fool the
identification system. So a trivial solution is to disable JavaScript;
another solution is to disable iframes, or you can take a more advanced
measure by blocking the domain: edit your hosts file and redirect the
domain to a safe address, say 127.0.0.1.
Open your hosts file with Notepad:
Windows 95/98/Me c:\windows\hosts
Windows NT/2000/XP Pro c:\winnt\system32\drivers\etc\hosts
Windows XP Home c:\windows\system32\drivers\etc\hosts
and for Windows 7 – C:\windows\system32\drivers\etc\hosts
Add these lines at the end:
127.0.0.1 tptools.org
127.0.0.1 www.tptools.org
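The hosts-file edit described above can also be applied by script so that it is repeatable and catches an existing entry that would override the block. This is an added example, not part of the original post; the function names and the sample hosts content are constructed for illustration, and the "first matching line wins" behaviour is an assumption about the resolver.

```python
SINK = "127.0.0.1"
# Domains taken from the hosts entries in the post above.
BLOCKED = ["tptools.org", "www.tptools.org"]

# Constructed sample hosts file (not from the post).
SAMPLE = """# constructed sample hosts file
127.0.0.1 localhost
10.0.0.5 intranet.example tptools.org
127.0.0.1 WWW.TPTOOLS.ORG  # already blocked
"""


def parse_hosts(text):
    """Return {hostname: address}, keeping the first mapping seen for each name
    (assumption: the resolver uses the first matching line)."""
    mapping = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, split on whitespace
        for name in fields[1:]:
            mapping.setdefault(name.lower(), fields[0])
    return mapping


def ensure_blocked(text, domains=BLOCKED, sink=SINK):
    """Return hosts text in which every listed domain maps to the sink address.

    A line that maps a listed domain elsewhere is commented out, not deleted,
    and any unrelated names on that line are kept on a rewritten line.
    """
    wanted = {d.lower() for d in domains}
    out = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        names = {n.lower() for n in fields[1:]}
        if fields and fields[0] != sink and names & wanted:
            out.append("# disabled, conflicts with block: " + line)
            keep = [n for n in fields[1:] if n.lower() not in wanted]
            if keep:
                out.append(fields[0] + " " + " ".join(keep))
        else:
            out.append(line)
    current = parse_hosts("\n".join(out))
    # Append only the entries that are still missing, so re-running is a no-op.
    out += [f"{sink} {d}" for d in domains if current.get(d.lower()) != sink]
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    print(ensure_blocked(SAMPLE), end="")
```

To apply it for real, read the hosts file from the path listed above for your Windows version, pass its text through `ensure_blocked`, and write the result back from an administrator session.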
Still, I would recommend not using Orkut until the issue is fixed.