Social Viruses, for Social Networks!
I stumbled across this entry on Ajay D’Souza’s blog about a Virus on Orkut.
I received quite a few scraps from pals with this content. None of them know Portuguese.
The scrap was:Opa, tudo bom? Eu criei um vídeo com uma seleção de minhas fotos novas, clica aí pra ver - [URL.edited.out] - Estão bem legais!!!
When I once tried to visit the link it asked me to download something (which I didn’t). Other time led me to a proxy server.
Turns out that this is indeed the work of a Trojan.
Taken from Symantec:
Infostealer.Orcu is a Trojan horse that attempts to steal confidential information, such as bank and Paypal accounts. It may arrive as a message spammed across the Orkut network.
(snip)
Orkut’s users may receive a malicious link from other infected contacts. The Trojan posts a message in the user’s scrapbook area of the Orkut system. The message text is chosen by the attacker and can be a random sentence written in Brazilian Portuguese
So, now Viruses are posting scraps. . . That explains a lot 
.
According to Symantec, the Trojan is a low threat. I’ve been forwarded a lot of messages about Viruses on Orkut. This is the first one that turned out to be true.
Links:
Post on Ajay Ajay D’Souza’s Blog
Symantec Security Response - Article on Infostealer.Orcu