Security experts at MicroWorld
Technologies inform that members of Orkut Online
Community Service powered by Google may receive a
message from their contacts urging them to click on
a link. Once the link is clicked, a Trojan downloader
named 'Win32.Banload.aoo' will find its way to user
computers.
In an attack that's very similar in nature to the
last month's password stealing Trojan in Orkut, this
one too comes from infected contacts, thereby evoking
no suspicion in recipient's mind. The message written
in Brazilian Portuguese asks users to download a file
named 'fotovideo.exe', where it's important to note
that 67% of Orkut users are Brazilians.
"Orkut is a network of trusted contacts and
it's the very 'trust' that this worm exploits in tricking
unsuspecting users," observes Aneesh Paliwal,
Security analyst, MicroWorld
Technologies. "Checking the authenticity
of every material posted on online networks, by contacting
the sender before you act upon them, is impractical
to say the least!"
After getting into the victim's computer, 'Win32.Banload.aoo'
logs on to malicious websites to download dangerous
password stealing Trojans and keyloggers without the
knowledge or consent of the user.
At the first stage of its infection routine, Banload.aoo
installs itself in the system registry, lowers the
security levels of the computer and tries to turn
off AntiVirus software installed in the PC. Then it
goes ahead and downloads members of Trojan-PSW family
that captures usernames, passwords and other confidential
data while the victim logs on to the websites of leading
banks and credit card companies. This information
is sent to the remote attacker who uses it for multiple
online financial crimes.
Last month, a password stealing Trojan named 'Infostealer.Orcu',
was directly spread via orkut as an 'exe' posting,
without the help of any conduit like Banload.aoo.
Reacting to the malice, Google then cautioned users
saying, "Orkut.com users and users of all online
services and applications should always be careful
when opening or clicking on anything suspicious."
"Orkut is growing very fast among online community
enthusiasts across the world and it's quite natural
that malware writers are increasingly targeting it,"
says Govind Rammurthy, CEO, MicroWorld
Technologies. "Though Orkut has a definite
advantage in having a by and large enlightened user
base that's cautious while dealing with suspicious
files, the guard slips off for some of them at times.
That's when your proactive Security Software should
defend you even from a new threat by applying Futuristic
Security Intelligence."
MicroWorld
MicroWorld (www.mwti.net
) is the developer of the world's first Real-Time
Anti-Virus and Content Security software eScan
for desktops and servers. Its communication security
software,
MailScan is the first comprehensive e-mail
scanner for your SMTP/POP3 Mail Server. MicroWorld
Winsock Layer (MWL) is the revolutionary technology
underlying these products, powering them to several
certifications and awards by some of the most prestigious
testing bodies, notable among them being Virus Bulletin,
Checkmark, TUCOWS, Red Hat Ready, and Novell Ready.
Combining their powerful scanner with MWL technology,
MicroWorld solutions provide a Real-Time Proactive
security for your systems. For network security of
enterprises, eConceal Firewall is the latest powerful
offering from MicroWorld.
To learn more, kindly visit http://www.mwti.net.
