A new and nasty Trojan, Orkut.AT, has been discovered by Security researchers at both Symantec and PandaLabs, which targets an Orkut user’s scrapbook. This self-propagating Trojan is designed to infect the computers of both the original victim, and the victim’s Orkut buddy list.
According to PandaLabs a profile appears in the targeted user’s scrapbook, which contains an image from a YouTube video. If the intended victim clicks the link, they are advised that if they wish to see the video a new codec needs to be downloaded. Downloading the codec installs the Orkut.AT Trojan which will then post a malicious message to the scrapbook of the original victim’s Orkut buddy list.
But that’s not all. The Trojan will then go on to download a range of malicious software to the victims’ systems.
The authors of this particular Trojan have added a creative twist; to avoid raising suspicions, the Trojan redirects users to a web page where they can find the video in question.
As with most Trojans, the user is the most important link in the chain leading to the installation and propagation of this infection. Without user interaction this Trojan, and ones like it, cannot succeed.
Luis Corrons, Technical Director of PandaLabs, provides advice that all Internet users should be well aware of, “to avoid falling victim to one of these malicious codes, users should have an up-to-date security solution that can detect both known and unknown malware.”
As well, it bears repeating: don’t click any links received though social networks, even though they might seem to come from reliable sources. Instead type the links directly into the browser’s address bar.
Each of us has an obligation to other Internet users to know, understand, and implement safe surfing practices. Failure to do so will guarantee that we will be faced with a continuing and increasing barrage, of Internet malware attacks. Each of us needs to take responsibility for our actions, while surfing the Internet.
For a review of free, downloadable security software read Need Free Security Programs? – 10 Of The Best!, on this Blog.