Indian users of Google’s friendship site www.orkut.com, are in danger of being infected by a worm that is spreading via the site. Cyberspace worms are rogue programmes that install themselves on a user’s computer and then siphon off personal details like credit card and banking information — all at the bidding of criminal hackers. This has spread waves of alarm in the Indian users circle, which forms a third of the worldwide user base.
Orkut has already posted a warning on its website cautioning users from clicking on unfamiliar links. Google has also confirmed the presence of the worm and said that they were attempting to offer a permanent solution to destroy the worm.This particular worm is an innocuous link to a picture that is placed in the comments column of the user. When the user clicks on the link, it leads to a blank page. Meanwhile, the worm minhasfotos.exe, commences execution, installs two additional files winlogon_.jpgon, wzip32.exe, on the user’s computer and gathers the necessary information.
Later, when the user accesses the local drives, the worm sends the data to its creator. The worm also hooks the infected computer to a network of hijacked computers thereby spreading to infect the computers of other people listed on the user’s contact list.Software professional Kavita Rasam said, "I do use the site a lot, and I guess with worms like this spreading via the website, I will have to either restrict my use of the website or will have to ensure that I don’t store crucial information on my computer."
Sales director, Kartik Shahani, McAfee, an anti-virus provider, said that the potential risk faced by a user from such a worm depended on the degree of protection provided for the computer. "Most users do not realise that when they access a website, their computer may store crucial information like ATM identification numbers and passwords. As a result, criminal hackers can access data with ease, with the help these worms."
Orkut has already posted a warning on its website cautioning users from clicking on unfamiliar links. Google has also confirmed the presence of the worm and said that they were attempting to offer a permanent solution to destroy the worm.This particular worm is an innocuous link to a picture that is placed in the comments column of the user. When the user clicks on the link, it leads to a blank page. Meanwhile, the worm minhasfotos.exe, commences execution, installs two additional files winlogon_.jpgon, wzip32.exe, on the user’s computer and gathers the necessary information.
Later, when the user accesses the local drives, the worm sends the data to its creator. The worm also hooks the infected computer to a network of hijacked computers thereby spreading to infect the computers of other people listed on the user’s contact list.Software professional Kavita Rasam said, "I do use the site a lot, and I guess with worms like this spreading via the website, I will have to either restrict my use of the website or will have to ensure that I don’t store crucial information on my computer."
Sales director, Kartik Shahani, McAfee, an anti-virus provider, said that the potential risk faced by a user from such a worm depended on the degree of protection provided for the computer. "Most users do not realise that when they access a website, their computer may store crucial information like ATM identification numbers and passwords. As a result, criminal hackers can access data with ease, with the help these worms."