Home arrow US-CERT Computer Emergency Readiness Team arrow Google Orkut Worm

Google Orkut Worm

US-CERT is aware of public reports of a worm propagating via Google's social network, Orkut. It has been reported that this worm spreads by sending messages to Orkut users. When a user visits an infected Orkut profile, the user becomes infected by a "scrap" that references a remote, malicious javascript file (virus.js).

US-CERT urges users to take the following preventative measures to mitigate the security risks:

  • Install anti-virus software, and keep its virus signature files up-to-date.
  • Block executable and unknown file types at the email gateway.
  • Refer to the Avoiding Social Engineering and Phishing AttacksAvoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.