Report: Google's Orkut fights off worm attack
Worm creates scrapbook entries on Orkut profiles and then propagates to friends on the network.
Update Dec. 20 with Google comment
A computer worm has been spreading on Google's big-in-Brazil Orkut social network, according to a report on the Sounds from the Dungeon blog.
The relatively harmless worm appears to use JavaScript and Flash code to create new scrapbook entries on profiles with a New Year's message in Portuguese before propagating to the victim's friends.
It may have infected as many as 400,000 users, according to a post on a blog called "c0d3w12."
According to the Packet Storm security site, a vulnerability affecting Orkut was discovered November 8 and fixed last week. It was not clear whether this was the same vulnerability that was allowing the worm to spread.
"It appears Google has responded quickly," writes a blogger on ValleyWag. "Too bad. If Google had let the worm rampage, maybe some American users might actually hear about Orkut for the first time."
A Google representative sent this e-mail comment: "Google takes the security of our users very seriously. We worked quickly to implement a fix for the issue recently reported in orkut. We also took steps to help prevent similar problems in the future. Service to orkut was not disrupted during this time."