First Twitter was hacked. Then Facebook went down. Now it’s Orkut’s turn. Google’s social networking site has been attacked by the virulent “Bom Sabado” worm. Bom Sabado means “Good Saturday” in Portuguese, the native language of Brazil where the worm is thought to have originated. Orkut is the most popular social site in Brazil, India and several other countries.

首先，Twitter被黑了。 然后Facebook崩溃了。 现在轮到Orkut了。 谷歌的社交网站遭到了“ Bom Sabado”蠕虫的攻击。 Bom Sabado在葡萄牙语中被认为是“ Good Saturday”，葡萄牙语是该蠕虫的起源地巴西。 Orkut是巴西，印度和其他几个国家/地区最受欢迎的社交网站。

The worm replicates itself across accounts and randomly sends “Bom Sabado” messages to friend’s scrapbooks — Orkut’s version of Facebook’s wall. Google support recently announced that the worm had been contained and they are in the process of cleaning infected accounts. However, the company recommends vigilance when accessing accounts — users should be especially wary about clicking suspicious links.

该蠕虫会在多个帐户之间进行自我复制，然后将“ Bom Sabado”消息随机发送到朋友的剪贴簿(Orkut的Facebook墙版本)。 Google支持最近宣布该蠕虫已被遏制 ，并且正在清除受感染的帐户。 但是，该公司建议在访问帐户时保持警惕-用户应特别注意单击可疑链接。

If you have been infected, you should log out, clear your browser’s cookies and cache and change your Google account password immediately at google.com/accounts.

如果您已被感染，则应注销，清除浏览器的cookie并缓存，并立即在google.com/accounts上更改Google帐户密码。

The attacks raise an interesting question: are hackers and spammers turning their attention to social networks? XSS infections are easier to create and distribute than viruses or malware which can be detected by PC software. In addition, the exploits spread quickly and cross system boundaries — it doesn’t necessarily matter which OS or browser is being used.

这些攻击提出了一个有趣的问题：黑客和垃圾邮件发送者是否正在将注意力转向社交网络？ XSS感染比PC软件可以检测到的病毒或恶意软件更容易创建和分发。 此外，漏洞利用程序Swift传播并跨越系统边界-使用哪个操作系统或浏览器并不一定重要。

The networks have proved themselves vulnerable. All companies state security is a top priority, but it’ll never be as important as usability or encouraging new sign-ups. Open APIs and third-party applications also provide another means of attack. Perhaps it’s just a matter of time before we see self-replicating worms which can distribute themselves throughout a network without any user interaction.

网络已证明自己易受攻击。 所有公司都将安全性放在第一位，但它永远不会像可用性或鼓励新签约一样重要。 开放式API和第三方应用程序还提供了另一种攻击手段。 看到自我复制的蠕虫可以在没有任何用户交互的情况下将自身分布到整个网络中，这只是时间问题。

Then again, these attacks have provided the social networks with considerable mainstream attention. Bad news is better than no news whatsoever. Orkut is relatively unknown in the US and Europe, so perhaps the worm is a massive Google publicity stunt! But I’d never suggest such as thing. I’ll leave that to the cynical conspiracy theorists…

再者，这些攻击使社交网络受到了相当大的主流关注。 坏消息总比没有好。 Orkut在美国和欧洲相对未知，因此也许该蠕虫是Google的大规模宣传st头！ 但是我永远不会建议这样的事情。 我将把它留给愤世嫉俗的阴谋理论家……

翻译自: https://www.sitepoint.com/orkut-bom-sabado-xss-worm/