Google's social networking site is being used to spread a
malicious spam campaign, which can open up users' PCs to remote
hackers.
The Google Orkut website is being used by spammers to profit
from the Web 2.0 functionality of the site,
said security firm Websense.
A spoofed personal message, in Portuguese, is being sent from a
user allegedly on the Orkut network seeking love. The message
contains several links that appear to lead to the official Orkut
website.
Clicking on a link actually leads to a malicious executable
file, which is a Trojan Downloader named "imagem.exe".
The malicious file opens the legitimate Orkut network login
page, and in the background downloads a password-stealing Trojan
named "msn.exe".
The Trojans in this attack are hosted on a compromised labour
union website from southern Brazil.