New Orkut Virus: Bom Sobado (Good Saturday in Portuguese!)

@thebigk • Oct 25, 2024

Oct 25, 2024

1.2K

The BOM SOBADO virus has struck Orkut and all the Orkut users are warned that if you receive any message from your Orkut friend that contains these words; DO NOT visit their profile!

If you visit the affected profile, a script will get activated on your profile which will update your status message and send the affected message to everyone in your contact list and the virus will keep spreading.

If your profile has been affected with the virus, please change your Google Account password immediately.

If anyone's got more information about the virus, please update this thread immediately.

Like 0 Replies 10

Replies

Welcome, guest

Join CrazyEngineers to reply, ask questions, and participate in conversations.

CrazyEngineers powered by Jatra Community Platform

Whats In Name

@whats-in-name-KdgM7o • Sep 25, 2010

Thanks alot Biggie,for informing.

0
Kaustubh Katdare

@thebigk • Sep 25, 2010

Further virus details -

Bom Sabado is a cookie stealing virus. Those who are affected by this virus try to change their password as soon as possible and also clean your browser cookies.Orkut officials havnât given out any details of the scrap virus. Its safe to keep away from opening your orkut until orkut official give out the status of the attack.However, it is not clear yet that the Bom Sabado is a virus or not. But the Orkut user who have faced this problem are advised to change your password and security question. Log out immediately and clear the cookies and history.Users are also advised not to open such scraps. The bug is hitting your cookies and automatically sending messages to your friend list.

The worm injects a hidden iframe containing a malicious javascript .js [do not click this], which steals the user cookie which contains the password in an encoded form. So the attacker do not get to know your plaintext password but can login using your credentials by impersonating using the cookie to fool the identification system. So a trivial solution is to diable javascript, another solution is to disable iframes or u can take an advanced measure by blocking the domain by editing your hosts file and redirecting it to a safe address, say 127.0.0.
Source: #-Link-Snipped-#

DO NOT login to Orkut for next ~48 hours or some update from Google.

0
Pensu

@pensu-8tNeGU • Sep 25, 2010

I got this scrap form 3 guys.....i was thinking this is surely a virus....thanks for the info biggie....

0
SRRS

@srrs-xlYLny • Sep 25, 2010

Hello,thank u guys,i also got this from my friends.but i did not visit their profile .is there any need to change my password?

0
Kaustubh Katdare

@thebigk • Sep 25, 2010

SRRSHello,thank u guys,i also got this from my friends.but i did not visit their profile .is there any need to change my password?
Well, it would help if you change your password and not visit the site for next 48 hours. Google will soon release a statement. Be sure to clear your web browser cookies before you visit the site.

0
Manish Goyal

@manish-r2Hoep • Sep 25, 2010

Few Precautions
<a href="https://security-informatica.blogspot.com/2010/09/bom-spado-problem-in-orkut.html" target="_blank" rel="nofollow noopener noreferrer">NETWORK SECURITY: BOM SPADO PROBLEM .................................. in ORKUT</a>

0
Saandeep Sreerambatla

@saandeep-sreerambatla-hWHU1M • Sep 25, 2010

I dont have a orkut account , I deleted it 😀

Yahoo!!

0
Reya

@reya-SMihdC • Sep 25, 2010

@Biggie thanks for the valuable information.

0
Kaustubh Katdare

@thebigk • Sep 25, 2010

Thankfully, there are no Facebook viruses (yet). Facebook itself is a virus that's spreading like umm...what?

0
Reya

@reya-SMihdC • Sep 25, 2010

If facebook viruses exist then everybody will be in trouble!!thank god..

0