Google’s social networking website Orkut was attacked by a virus called “Bom Sabado” on Saturday morning, which is a big threat for Orkut. “Bom Sabado” is a Portuguese phrase that means “Good Saturday” in English.

Bom Sabado is an Orkut virus affecting many profiles. Those who are affected by this virus are advised to change their password and security question, log out immediately, and clear their cookies and history.
Users are also advised not to open their Orkut account until the problem is solved. Orkut had announced new updates to the website just last month. This is the second time Orkut has been affected by this kind of virus. The same virus also hit Orkut last February.
The Bom Sabado virus seems to have started a few hours ago, and it is now all over Orkut scraps, spreading from friend to friend. It is an auto-generated message that is filling users' scrapbooks. The scraps come from the friend list and look just like any other normal Orkut scraps. Users are advised not to open such scraps. The bug targets your cookies and automatically sends messages to your friend list.
If anyone reads this scrap, even in their own profile, their cookies are also stolen, and they in turn automatically post the same scrap to their friend list.
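The propagation pattern described above, the same auto-generated scrap arriving from many different friends within a short time, is something a site operator can look for in scrap logs. The following Python is an added example, not code from Orkut or from this post; the record fields, the 30-minute window and the three-sender threshold are assumptions, and the sample scraps are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=30)  # assumed burst window
MIN_SENDERS = 3                 # assumed number of distinct senders that is suspicious

def normalize(body):
    """Strip tags, case and extra whitespace so lightly varied copies compare equal."""
    text = re.sub(r"<[^>]*>", " ", body)
    return re.sub(r"\s+", " ", text).strip().lower()

def find_worm_bursts(scraps, window=WINDOW, min_senders=MIN_SENDERS):
    """Map each scrap body sent by >= min_senders distinct accounts within one
    sliding window to the sorted list of those senders."""
    by_body = defaultdict(list)
    for scrap in scraps:
        by_body[normalize(scrap["body"])].append((scrap["time"], scrap["sender"]))
    flagged = {}
    for body, events in by_body.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Shrink the window from the left until it spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            senders = {sender for _, sender in events[start:end + 1]}
            if len(senders) >= min_senders:
                flagged[body] = sorted(senders)
                break
    return flagged

def at(hhmm):
    """Timestamp on an arbitrary constructed day."""
    return datetime.strptime("2000-01-01 " + hhmm, "%Y-%m-%d %H:%M")

# Constructed sample scraps (not real Orkut data).
SAMPLE_SCRAPS = [
    {"time": at("09:00"), "sender": "alice", "body": "Bom Sabado!"},
    {"time": at("09:04"), "sender": "bob", "body": "<b>bom  sabado!</b>"},
    {"time": at("09:07"), "sender": "carol", "body": "BOM SABADO!"},
    {"time": at("09:10"), "sender": "erin", "body": "happy birthday"},
    {"time": at("15:00"), "sender": "frank", "body": "happy birthday"},
]

if __name__ == "__main__":
    for body, senders in find_worm_bursts(SAMPLE_SCRAPS).items():
        print(f"possible worm scrap {body!r} from {senders}")
```

The ordinary greeting sent by two people hours apart is not flagged, while the identical scrap from three accounts within minutes is.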
Orkut officials have not yet made clear whether Bom Sabado is a virus or not. This is the second XSS attack on a social networking website in a week. The popular microblogging website Twitter was also attacked by a computer worm created by a Norwegian. Twitter was hit by an XSS exploit; the attack, which emerged and was shut down within hours on Tuesday morning, involved an XSS flaw that allowed users to run JavaScript programs on other computers.
- So do not log in to your Orkut account.
- If you want to change your password, use this link: www.google.com/accounts/
Solutions:
- Do not visit any profile on Orkut until this script is blocked.
- Clear your cookies and cache right away and change your password and security question.
[UPDATES]
Users are getting scraps from their friends with the message “2008 vem ai… que ele comece mto bem para vc”. Even trying to read their scraps can get them hacked. There is an XSS (cross-site scripting) flaw in the scrapbook that allows a malicious script to execute, and the script can perform the following actions:
- Stealing their cookies
- Logging them out and redirecting them to a fake page
- Logging them out and redirecting them to a page which automatically installs keyloggers and viruses on their computer
As soon as they read this scrap, even in their own profile, their cookies are stolen, so they too automatically post the same scrap to their friend list, and a flag also appears in their profile status. The status is automatically updated in some profiles. It is the flag of Brazil. The Google team is working on it.
What you should do now is follow these steps:
1. Immediately change your password and security question (including secondary email and mobile number if they were also changed). This will solve the problem.
2. Find out whether some communities have been joined automatically. If yes, remove them.
3. If your account has been completely hacked, then go to this URL: http://www.google.com/support/forum/p/orkut/thread?tid=39fa418ed1162078&hl=en
Always remember these points:
- Don’t ever log in to any site other than www.orkut.com
- Don’t ever run any JavaScript while logged into your Orkut account
- Never use any flooder in your account
- Don’t ever share your password with anyone else, and keep changing your password regularly.
- Don’t ever click a suspicious link while logged into your Orkut account. If you are curious, you can copy the link and check it in another browser after clearing that browser’s cookies and cache.
- Don’t ever install any suspicious script in Greasemonkey, and ALWAYS DISABLE GM before logging in to Orkut.
- Do your mobile verification too, so that you can get your account back if the hacker doesn’t change the mobile number there: http://www.orkut.co.in/Main#MobileSetupSettings
- Install a good, updated antivirus and anti-keylogger, and keep your system free from keyloggers and backdoor trojans.
- Use a virtual keyboard to enter your password for more security. KIS 2010 provides it and there are many other V.
A JavaScript-generated worm, namely ‘bom sabado’, is spreading on Orkut.
These are the features.
1) A scrap which contains the text ‘bom sabado’ is sent from the profile without the knowledge of the profile owner
2) Those who open the scrap get infected. Some settings are automatically changed and porn communities are added to the profile without the consent of the profile owner.
3) The worst thing is that the profile owner cannot unjoin from these communities and cannot report this bug to Google
I think the attack is on the old Orkut version…. Use the new Orkut version to remove all those communities from your account……………..
Thank you, brother, for the information. My ID was hacked by this virus. Please tell me any solution to protect it from that virus.
My new ID is [email protected]. Please send me mail on this ID to solve the problem with my old ID, please, sir.
Thanks, man, for giving the solution.
Hello everyone, may I ask you a question: who is authorised for that virus? To save all our scraps, tell me, it's urgent, so we will sue a case on that as a unity.
We are launching our company on 2 Oct 2010 in India, and for that we had an all-India survey, and in that we got an amazing result, with at least 1500 interested persons who are interested in taking our franchise in all major cities of India. As we gave our proposal to all of them, we got all the interested persons' city names and their contacts in our scraps. So friends, can anyone tell us how we can get all of that data that we have in our scraps, because the BOM SHABDO virus blocked all that?
If you can help us, send us details at
[email protected]
learn to use Firefox + Noscript, noobs :-\
Thanks……….. it's really helpful info…..
Why is it necessary to change the security question and password? Please reply.
Yes, it's true, but I had already deleted my Orkut account around 2pm today.
Save me, everything is gone…..
Hey, it's Naveen!!
If you are in trouble with the Orkut virus, to solve this problem please follow the instructions…..
Find a file named HOST
You'll find it here
–
Windows 95/98/Me c:\windows\hosts
Windows NT/2000/XP Pro c:\winnt\system32\drivers\etc\hosts
Windows XP Home c:\windows\system32\drivers\etc\hosts
Win 7 – C:\windows\system32\drivers\etc\hosts
Then open it with NOTEPAD
Go to the end of that file
Add this code at the end
(remove the # symbol while writing in the hosts file!! from . and org/com)
127.0.0.1 tptools.#org
127.0.0.1 www.tptools.#org
127.0.0.1 convites.001webs.#com
Click save
You are done! Clear your cookies and log out and log in again!! It's tested on my PC!!! Happy orkuting
My ID is hacked with this virus. Please tell me the way to get rid of it.
Yesterday I got 2 scraps of “Bom Sabado” from two friends of my friend list. I use Orkut new version from Mozilla Firefox. I’ve deleted those scraps immediately from Orkut profile & e-mail account. Also changed my password today morning. Some of my friends are saying that I’ve to delete my profile. I’m confused upon this topic. Please help me what should I do.
I have opened the scrap in my Gmail account. Will the virus affect my Gmail account??? Please tell me..
Don't believe that guy Naveen. I saw a pop-up like ‘tptools’ when I opened my Orkut; I was hacked and recovered my password….. it's a scam site, ‘tptools’
visit my site-
xchanger1.mobie.in
I just changed my password only…. and signed out from Orkut and logged out from my browser… is that enough……
Isn’t the title supposed to be ‘threat’ instead of ‘treat’ ?
Just be patient, wait for at least one week, Google will clear out the problem
Don't log in until we get an announcement from Google, that's what you have to do..
Nice info!! But how much time does it take for this SHIT to be normal??
Hey, can you help me recover my Orkut and Gmail account, since everything is being hacked and I couldn't even access both. More or less, my Gmail account is very much important for me.
Please provide me the debugging code soon, please.
Since I heard about the Orkut virus and hacking news…. I stopped working and logging into Orkut till then……. My question is, did Orkut get recovered from that virus and hack… if so, please inform me soon… I need to log in…… waiting for your valuable reply… I didn't get or hear any news about the problem being recovered….
Thanks for this information.
But when can we use Orkut again?
By which WS can I know that Orkut's virus is really gone???
How could I identify that my account is affected by that virus?
Is the Bom Sabado virus problem of Orkut solved or not? Can we log in to Orkut again? Can anyone let me know, please?