Online Security Archive

Games Online Categories

Check out Security Depot Online's games online pages. Here, we have combined a list of the hottest Internet casinos offering the hottest casino games online. Although currently there is a wide range of online casinos operated in the cyberspace, seasoned players are well aware of the fact that not all of them are worth a player's time. Online gaming destinations listed here are dedicated to providing their customers with exceptional service and to ensuring their trust. Our list of recommended online casinos is also a great source of info on the most trafficked online poker rooms featuring the most popular poker games online. And, if it is online bingo halls that your are looking for, our casino list will also provide you with a number of great online bingo websites with the most titillating bingo games online. All you need to do is click on a link and have fun!

FaceTime Security Labs Warns Against Data-Theft Worm Targeting Google's Orkut

18 June 2006

Today, FaceTime Security Labs announced the discovery of a worm that steals users' banking details, usernames and passwords. The worm, known as MW.Orc, is propagating through Orkut, Google's social networking site, as users launch an executable file disguised as a JPEG.

"Sometimes there is a false sense of security and trust that an end user has in a 'gated' community such as Orkut. This is similar to what we see happening in instant messaging," said Chris Boyd, security research manager for FaceTime Security Labs, and globally-recognized Internet security expert. "Consequently, the infection spreads like wildfire."

The initial executable installs two additional files on the user's computer. When infected users click on the "My Computer" icon, their banking details and passwords are emailed to the worm's anonymous creator.

The infection is spread by posting a URL in another user's Orkut Scrapbook, a guestbook where visitors can leave comments visible on the user's page. This link lures visitors with a message in Portuguese, falsely claiming to offer additional photos.

The infection file possesses the capability to spread automatically, in one instance sending the infection link three days after the initial infection with the timestamp of the message backdated by two days. The message sent can also vary from infection to infection.

In addition to stealing personal information, the malware can also enable a remote user to control the PC and make it part of a botnet. A botnet is a network of infected PCs controlled by a hacker. The botnet in this case uses an infected PC's bandwidth to distribute large, pirated movie files, potentially slowing down an end-user's connection speed.

Worldwide, Orkut has approximately 16 million users. MW.Orc is targeting Brazilian users and Brazilian banks. A quarter of all Brazilians who have access to the Internet use Orkut. Brazilian users make up about 70 percent of the site's traffic, according to Google data.

FaceTime Security Labs researchers have posted commentary and recommendations concerning MW.Orc at http://blog.spywareguide.com/2006/06/datatheft_malware_targets_goog_1.html, including a video that shows how the malware sends personal data back to the attacker. FaceTime Security Labs is the threat research division of IM and Greynet security leader FaceTime Communications.

Threat name: MW.Orc

Threat type: Malware

Risk: Medium

Who is affected: Orkut members and visitors using Windows XP

Additional information: The initial executable file (Minhasfotos.exe) creates two additional files when activated, winlogon_.jpg and wzip32.exe (located in the System32 Folder). When the user clicks the "My Computer" icon, a mail is sent containing their personal data. In addition, they may be added to an XDCC Botnet (used for file sharing), and the infection link may be sent to other users that they know in the Orkut network. The infection can be spread manually, but also has the ability to send "back dated" infection links to people in the "friends list" of the infected user.

FaceTime Customers Are Protected Against This Threat

FaceTime's RTGuardian and GEM customers are protected from this exploit if they have auto-update features enabled. FaceTime's X-Cleaner customers should download the latest update and scan their PC. FaceTime Enterprise Edition and IMAuditor customers can proactively block these malicious threats and prevent infections before they happen by utilizing the auto-update features to block downloads of the specific file types associated with the threats.

About FaceTime Communications

Founded in 1998, FaceTime Communications is the leading provider of security solutions for the management and control of greynet applications such as adware/spyware, instant messaging, webmail, P2P file sharing, web conferencing and instant voice. FaceTime delivers the industry's first IMPact Index, which assesses "point-in-time" risks posed by viruses, worms and other malware propagating through greynet applications. FaceTime's award-winning solutions are used by over 600 customers, among them seven of the eight largest U.S. financial institutions. FaceTime supports or has strategic partnerships with all leading public and private IM network providers, including AOL, Google, Microsoft, Yahoo!, IBM, Bloomberg, Jabber and Reuters.

FaceTime is headquartered in Foster City, California. For more information visit http://www.facetime.com or call 888-349-FACE.

FaceTime, FaceTime Communications, IMAuditor, RTGuardian, GEM, Facetime Enterprise Edition, FaceTime Security Labs, IMPact Index, SpywareGuide.com and the FaceTime logo are registered trademarks and trademarks of FaceTime Communications, Inc. Other trademarks and registered trademarks are the property of their respective owners.

CONTACT:

Emily Chamberlin

Edelman for FaceTime

650-429-2734

emily.chamberlin@edelman.com

Source: prnewswire