Portuguese, which is the also the official language of Brazil, one of
the last remaining Orkut bastions in the world.
The worm seems to be posting scraps with the text
“Bom Sabado” and also adding affected users to new Orkut groups. Such
XSS attacks have targeted Orkut in the past too.
Experts have advised users to avoid logging on to Orkut till Orkut
engineers fix the hole and also not to click on any suspicious links. Orkut had
just last month announced new updates to the website.
Earlier this week, the popular microblogging
website Twitter was also at the receiving end of an XSS exploit. The attack,
which emerged and was shut down within hours Tuesday morning, involved a XSS
If you are amongst those affected, it’s highly recommended that you follow the steps highlighted below:
* Switch to the “older version” of Orkut.
* Log out of Orkut.
* Clean your browser’s cache and cookies.
* Log in and change your password and security question.