Security experts at MicroWorld
Technologies inform that members of Orkut Online Community Service powered
by Google may receive a message from their contacts urging them to click on a
link. Once the link is clicked, a Trojan downloader named 'Win32.Banload.aoo'
will find its way to user computers.
In an attack that's very similar
in nature to the last month's password stealing Trojan in Orkut, this one too
comes from infected contacts, thereby evoking no suspicion in recipient's mind.
The message written in Brazilian Portuguese asks users to download a file named
'fotovideo.exe', where it's important to note that 67% of Orkut users are Brazilians.
"Orkut is a network of trusted contacts and it's the very 'trust'
that this worm exploits in tricking unsuspecting users," observes Aneesh
Paliwal, Security analyst, MicroWorld Technologies.
"Checking the authenticity of every material posted on online networks, by
contacting the sender before you act upon them, is impractical to say the least!"
After getting into the victim's computer, 'Win32.Banload.aoo' logs on to
malicious websites to download dangerous password stealing Trojans and keyloggers
without the knowledge or consent of the user.
At the first stage of its
infection routine, Banload.aoo installs itself in the system registry, lowers
the security levels of the computer and tries to turn off AntiVirus software installed
in the PC. Then it goes ahead and downloads members of Trojan-PSW family that
captures usernames, passwords and other confidential data while the victim logs
on to the websites of leading banks and credit card companies. This information
is sent to the remote attacker who uses it for multiple online financial crimes.
Last
month, a password stealing Trojan named 'Infostealer.Orcu', was directly spread
via orkut as an 'exe' posting, without the help of any conduit like Banload.aoo.
Reacting to the malice, Google then cautioned users saying, "Orkut.com users
and users of all online services and applications should always be careful when
opening or clicking on anything suspicious."
"Orkut is growing
very fast among online community enthusiasts across the world and it's quite natural
that malware writers are increasingly targeting it," says Govind Rammurthy,
CEO, MicroWorld Technologies. "Though Orkut
has a definite advantage in having a by and large enlightened user base that's
cautious while dealing with suspicious files, the guard slips off for some of
them at times. That's when your proactive Security Software should defend you
even from a new threat by applying Futuristic Security Intelligence."
MicroWorld
MicroWorld (www.mwti.net
) is the developer of the world's first Real-Time Anti-Virus and Content Security
software eScan
for desktops and servers. Its communication security software,
MailScan is the first comprehensive e-mail scanner for your SMTP/POP3
Mail Server. MicroWorld
Winsock Layer (MWL) is the revolutionary technology underlying these products,
powering them to several certifications and awards by some of the most prestigious
testing bodies, notable among them being Virus Bulletin, Checkmark, TUCOWS, Red
Hat Ready, and Novell Ready. Combining their powerful scanner with MWL technology,
MicroWorld solutions provide a Real-Time Proactive security for your systems.
For network security of enterprises, eConceal Firewall is the latest powerful
offering from MicroWorld.
To learn more, kindly visit http://www.mwti.net
