http://www.zdnet.com.au/news/security/print.htm?TYPE=story&AT=339277689-130061744t-110000005c
The Sophos write up http://www.sophos.com/pressoffice/news/articles/2007/05/badbunny.html and this interesting tidbit * Windows: The worm drops a file called drop.bad which is then moved to system.ini in your mIRC folder (if you have one) and also drops and executes badbunny.js which is a JavaScript virus that replicates to other files in the folder. * MacOS: The worm drops one of two Ruby script viruses (in files called badbunny.rb or badbunnya.rb) * Linux: The worm drops badbunny.py as an XChat script and also drops badbunny.pl which is a tiny Perl virus infecting other Perl files. malware 2.0 ? _______________________________________________ EUGLUG mailing list [email protected] http://www.euglug.org/mailman/listinfo/euglug
