According to one security researcher, hackers are planting a password stealer with a message in Portuguese – 70 percent of users on the website are Portuguese-speaking Brazilians. Dubbed Orc.Malware by instant messaging (IM) security company Facetime Security Labs, the malware tells users that their data has been emailed to the hacker.
It also leaves a message in the user's online guestbook:
“Oi... tudo bom? Como o orkut limita a quantidade de fotos que podem ser publicadas na minha conta, eu criei um slide com algumas fotos minhas, pra ver e so clicar clicar no link!!! [link removed] - Sei que vai gostar”
This roughly translates to: "As Orkut limits the amount of photos that can be published in my account, I created a slideshow with some photos of mine, please click to see!"
Anyone clicking on the link provided executes a file, which then looks for bank account details on the user's PC.
Chris Boyd, security research manager at Facetime, said he expected that Orkut and other "gated" communities would have to contend with many more attacks like this in future.
“Myspace has had to come up with all new and inventive ways to stop nasty attacks,” said Boyd. “But ever more devious attacks like the above will continue to make things difficult. It's somewhat akin to IM attacks - you don't need to gain someone's trust to run your file, because you're already inside the circle of trust. Like that De Niro guy in the Ben Stiller film.”