Our comments and trackback policy You Link We Follow, You Comment We Promote

Security Research firm Websense has released an alert notifying the general public that some people are using Orkut to spread trojan links in messages disguised as official email from Orkut.

"The message contains several links that appear to lead to the official Orkut Web site. Clicking on a link actually leads to a malicious executable file, which is a Trojan Downloader named ‘imagem.exe,’" the Websense alert says. "The malicious file opens the legitimate Orkut network log-in page, and in the background downloads a password stealing Trojan named ‘msn.exe.’"

Google has already started looking into the matter.