Search

Bom Sabado virus in orkut – A big treat for orkut

Posted by on Sep 25, 2010 | 26 Comments

Google’s social networking website Orkut has been attacked by virus called “Bom Sabado” on Saturday morning, which is a big treat for orkut . “Bom sabado” is a Portuguese world it means “Good Saturday” in English.

Bom Sabado virus, Bom Sabado, Bom Sabado orkut, orkut virus

Bom Sabado is an orkut virus affecting profiles of many. Those who are affected by this virus are advised to change password and security question. Log out immediately and also clear the cookies and history.

Users are also advised not to open Orkut account until the problem solved. Orkut had just last month announced new updates to the website. It’s a second time Orkut got affected by this kind of viruses. The same virus has hit Orkut last Feb also.

A few hours back, the Bom Sabado virus seems to have started and now it is all over orkut scraps that spreading from friend to friends. It is an auto generated message which is filing your scrapebooks. The scraps come from the friend list and it comes just like any other normal orkut scraps. Users are also advised not to open such scraps. The bug is hitting your cookies and automatically sending messages to your friend list.

If anyone reads this scrap even in their profile, their cookies are also stoled and so they are also posting scrap automatically to their friend list same scrap as bomb something like.

Orkut officials have not clear yet that the Bom Sabado is a virus or not. In week, this is a second XSS attack on a social networking website. The popular microblogging website Twitter was also attacked by a computer worm created by Norwegian. Twitter was received an XSS exploit, the attack, which emerged and was shut down within hours Tuesday morning and involved a XSS flaw that allowed users to run JavaScript programs on other computers.

Solutions:-

  • Do not visit any profile on Orkut till this script is blocked
  • Clear your cookies and cache right away and change your password and security question.

[UPDATES]

<p>Users are getting scraps from their friends with the message &quot;2008 vem ai… que ele comece mto bem para vc&quot;. Even if they try to read their scraps They can get hacked. There is an XSS (Cross site scripting) prevailing in the scrapbook, which allows the execution of malicious script, which can perform following actions,</p>
<ul><li>Stealing their cookies</li><li>Logging them out and redirecting them to a fake page</li><li>Logging them out and redirecting them to a page which automatically installs keylogger, viruses in their computer system</li></ul>
<p>As soon as they read this scrap even in their profile, their cookies are also stolen and so they are also posting scrap automatically to their friend list same scrap as bomb something like the script is running on and also in status of profile their falg is coming. Status is automatically updated in some profile. It&rsquo;s their flag of Brazil. So Google team is working on it.</p>
<h4><strong>Now you should do is, </strong></h4>
<p><strong>Follow these steps: </strong></p>
<p>1. Immediately change your password and security question {including secondary email and mobile number if they also got changed.) This will solve the problem.</p>
<p>2. Find out whether some communities have been joined automatically. If yes, do remove them.</p>
<p>3. If your account has been completely hacked, then click on this <a href=”http://www.google.com/support/forum/p/orkut/thread?tid=39fa418ed1162078&amp;hl=en” rel=”nofollow” target=”_blank”>url</a></p>
<p><strong>Always remember these points:</strong></p>
<li>Don&rsquo;t ever login to any site rather than www.orkut.com</li><li>Don&rsquo;t ever run any javascripts while logged into your orkut account</li><li>Never use any flooder in your account</li><li>Don&rsquo;t ever share your password with anyone else and keep changing your password regularly.</li><li>Don&rsquo;t ever click suspicious link while logged into Orkut a/c. if you are curious you can copy the link and check them in</li><li>other browser after cleaning it&rsquo;s browser&rsquo;s cookie and cache.</li><li>Don&rsquo;t ever install any suspicious script on greasemoneky and ALWAYS DIABLE THE GM before logging in to orkut.</li><li>Do your mobile verification also, so that you can get back your a/c if hacker doesn&rsquo;t change the mobile number there.</li><li>http://www.orkut.co.in/Main#MobileSetupSettings</li><li>Install a good Update Ant ivirus and Anti Key logger and keep your system free from Key loggers and backdoor trojans.</li>
<li>Use Virtual Keyboard to enter your password for more securite. KIS 2010 provides it and there are many other V.</li>

Users are getting scraps from their friends with the message “2008 vem ai… que ele comece mto bem para vc”. Even if they try to read their scraps They can get hacked. There is an XSS (Cross site scripting) prevailing in the scrapbook, which allows the execution of malicious script, which can perform following actions,

  • Stealing their cookies
  • Logging them out and redirecting them to a fake page
  • Logging them out and redirecting them to a page which automatically installs keylogger, viruses in their computer system

As soon as they read this scrap even in their profile, their cookies are also stolen and so they are also posting scrap automatically to their friend list same scrap as bomb something like the script is running on and also in status of profile their falg is coming. Status is automatically updated in some profile. It’s their flag of Brazil. So Google team is working on it.

Now you should do is,

Follow these steps:

1. Immediately change your password and security question {including secondary email and mobile number if they also got changed.) This will solve the problem.

2. Find out whether some communities have been joined automatically. If yes, do remove them.

3. If your account has been completely hacked, then click on this url

Always remember these points:

  • Don’t ever login to any site rather than www.orkut.com
  • Don’t ever run any javascripts while logged into your orkut account
  • Never use any flooder in your account
  • Don’t ever share your password with anyone else and keep changing your password regularly.
  • Don’t ever click suspicious link while logged into Orkut a/c. if you are curious you can copy the link and check them in
  • other browser after cleaning it’s browser’s cookie and cache.
  • Don’t ever install any suspicious script on greasemoneky and ALWAYS DIABLE THE GM before logging in to orkut.
  • Do your mobile verification also, so that you can get back your a/c if hacker doesn’t change the mobile number there.
  • http://www.orkut.co.in/Main#MobileSetupSettings
  • Install a good Update Ant ivirus and Anti Key logger and keep your system free from Key loggers and backdoor trojans.
  • Use Virtual Keyboard to enter your password for more securite. KIS 2010 provides it and there are many other V.

  • 26 comments

    1. BlueBlack says:

      A Javascript generated worm namely ‘bom sabado’ is spreading in the orkut.
      these are the features.

      1) Scrap which contains text as ‘bom sabado’ is sent from profile with out the knowledge of profile owner
      2) those who opens the scrap gets infected.Some settings are automatically changed and pron communities are added to the profile with out the consent of profile owner.
      3)The worst thing is that the profile owner cannot unjoin from these communities and cannot report this bug to Google

      I think attack is on old orkut version…. Use new orkut version to remove all those communities from your account……………..

    2. Arshdeep says:

      thank u brother for information my id is hack by this virus plz tell me any solution to protect it frm that virus

    3. Arshdeep says:

      my new id is kingg4evar@gmail.com plz send me mail on this id to solve my problem of my old id plzzzzzzzz sir

    4. Abhishek says:

      thanx man for giving the solution

    5. cirft events and entertainment says:

      hello every one may i asked you a question who is authorised for that virus to save all our scrapes tel me its urgent so we will sue a case on that as a unity
      w are launching our company on 2 oct 2010 inindia and for that we have a all india survay for that and in that we get amazing result for that with at list 1500 intrested person who are iintrested roe taking our freanchasiee in all major city of india and as we gave our proposel to all of them we get all intrested persons city name and their contact at our scrape so friend can any one tell us that how we get all of them data that we have at our scrape becaus BOM SHABDO virus bloked all that
      if you can help us send us detail at
      cirfteventsandentertainment@gmail.com

    6. someone says:

      learn to use Firefox + Noscript, noobs :-\

    7. coral princess says:

      thnx………..its really a helpful info…..

    8. Piyush says:

      Why is it necessary to change security question and password ?Plz reply

    9. Jayasree says:

      ya its true but I had already deleted my orkut account around 2pm today.

    10. Tintumon says:

      kaappathingoooooooooooo ellaaaaaaaaaam poche….. 🙁

    11. Naveen says:

      hey itz Naveen !!

      if u r trouble vit orkut virus ???to solve this problem ?? plz follow the instructions…..

      Find a file named HOST
      u’ll find it here

      Windows 95/98/Me c:\windows\hosts
      Windows NT/2000/XP Pro c:\winnt\system32\drivers\etc\hosts
      Windows XP Home c:\windows\system32\drivers\etc\hosts
      Win 7 – C:\windows\system32\drivers\etc\hosts
      Then open it with NOTEPAD
      got to the end to that file
      Add this code at the end
      (remove # symbol while writing in host file !! from . and org/com)
      127.0.0.1 tptools.#org
      127.0.0.1 http://www.tptools.#org
      127.0.0.1 convites.001webs.#com
      click save
      you are done ! ..clear ur cookies and logout and log in again !! itz tested in my PC !!!happy orkuting 🙂

    12. Mystery says:

      ma id is hacked with this virus plz tell the way to get rid off

    13. Dipanjan says:

      Yesterday I got 2 scraps of “Bom Sabado” from two friends of my friend list. I use Orkut new version from Mozilla Firefox. I’ve deleted those scraps immediately from Orkut profile & e-mail account. Also changed my password today morning. Some of my friends are saying that I’ve to delete my profile. I’m confused upon this topic. Please help me what should I do.

    14. sachin peter says:

      i have opened the scrap in my gmail account.will the virus affect in my gmail account???plz tell me..

    15. Akhil says:

      Dnt blive dat guy naveen,i say a pop up like ‘ tptools ‘ wen i opend my orkut,i was hackd nd recovrd my paswrd…..its a scam site ‘ tptools ‘

      visit my site-

      xchanger1.mobie.in

    16. akhilaneesh says:

      i just changed my password only….n signed out from orkut and logged out from my browser…is that enough……

    17. Pramukh says:

      Isn’t the title supposed to be ‘threat’ instead of ‘treat’ ?

    18. Nidhin says:

      Just be patient, wait for atleast one week, goolge will clear out the problem

    19. Nidhin says:

      Don’t login untill we get anouncement from Google, thats what u have to do..

    20. Bhargava says:

      Nice info !! Bt How much time does it take for this SHIT to be normal ??

    21. mano says:

      hey can u help me recover my orkut and gmail acccount since everthing is being hacked and i couldn’t even access both. more or less my gmail account is very much important for me.
      please provide me the debugging code soon please.

    22. RIAS says:

      since i heard about the orkut virus and hacking news….i stoppped working and login into orkut till then…….my question is did orkut get recovered from that virus and hack…if so plz inform me soon…i wanna need to login……waiting 4 ur valuable reply…i din get or heard any news about problem recovered….

    23. hardnocks24 says:

      thanks for this information,,,,,,,,,,,,
      bt wen can we use orkut again

    24. Rajul says:

      by which WS i can know that Orkut’s virus is really GOne???

    25. susitha says:

      how could i identify that my account is affected by that virus

    26. sravz says:

      is the bom saboda virus of orkut problem solved or not ? can we go again login with orkut .can any one let me know plz?

    Leave a comment