Everyone whose orkut account has been affected with the Sabado Worm, can use this simple trick to get out of this issue. People whose account is not yet affected, please follow the below steps to keep this worm away from your accounts.
The worm injects a hidden iframe containing a malicious javascript [do not click this] http: //tptools. org/ worm . js [do not click this], which steals the user cookie which contains the password in an encoded form. Even though the attacker does not get to know your password, they can login to your account using your credentials by impersonating the cookie to fool the identification system.
So a trivial solution is to diable javascript, another solution is to disable iframes or u can take an advanced measure by blocking the domain http : // tptools . org / by editing your hosts file and redirecting it to a safe address, say 127.0.0.1 go to C:>windows>system32>driversetc There is a file named %u2018hosts%u2019. It is a read-only file. Go to it's properties and un-check the read-only option and edit it with you favourite editor. add this line at the end of it 127.0.0.1 tptools.org save it. and then restart your network interface. ( in simple words, just reconnect your internet connection ). Bingo!! the worm%u2019ll became useless!!!!
Thank you very much
ReplyDeleteyou are welcome...
ReplyDelete