Wow! now microsoft user will find it easy to migrate, same viruses, same crashes. Hope Blue Screen Of Death (*BSOD*) will also be featured in some distros as privilege package for migratory support.
On 7/9/07, RC Adhikari <[EMAIL PROTECTED]> wrote: > > First OpenOffice virus emerges > Reference Link:: http://apcmag.com/6162/first_openoffice_virus_emerges > > > - 22nd May 2007 > - Dan Warne > - Linux <http://apcmag.com/taxonomy/term/267>, > Mac<http://apcmag.com/taxonomy/term/266>, > Windows <http://apcmag.com/taxonomy/term/265> > > Oh what a sweet, sweet day it must be for Microsoft. The first worm > specifically targeting the open-source office package OpenOffice has > emerged. > > It runs on Windows, Mac and Linux computers, but anti-malware vendor > Sophos admits it poses a low threat, especially as it's only a > proof-of-concept that hasn't actually been discovered 'in the wild'. > > [image: Bad bunny: some people have a one-track mind...] *Bad bunny: *some > people have a one-track mind...The OpenOffice worm uses the inbuilt > StarBasic scripting language in the office suite to save scripts to disk in > several other languages. > > The worm attempts to download and display an indecent JPEG image of a man > wearing a bunny suit performing a sexual act in woodland. > > The SB/Badbunny-A worm first infects you when you open an OpenOffice Draw > file called badbunny.odg. A macro included in the file performs different > functions depending on whether you are running Windows, MacOS or Linux: > > - Windows: The worm drops a file called drop.bad which is then moved > to system.ini in your mIRC folder (if you have one) and also drops > and executes badbunny.js which is a JavaScript virus that replicates > to other files in the folder. > - MacOS: The worm drops one of two Ruby script viruses (in files > called badbunny.rb or badbunnya.rb). > - Linux: The worm drops badbunny.py as an XChat script and also > drops badbunny.pl which is a tiny Perl virus infecting other Perl > files. > > The dropped XChat and mIRC scripts are used to replicate and distribute > the virus, and they initiate DCC transfers to others of the original > badbunny.odg OpenOffice file. > > Sophos says the worm has not been found 'in the wild' but, in an odd move, > was sent to their security labs for analysis directly by the makers. The > worm, which has not been reported at any customer sites, also downloads and > displays a pornographic picture of a scantily clad woman with a man dressed > as a rabbit. > > "The group responsible for writing the BadBunny malware don't seem to have > much confidence in it spreading as they have sent it directly to our labs. > The hackers have written plenty of StarBasic malware in the past, but the > most 'in the wild' this one is likely to get is by displaying a picture of a > furvert in the woods," said Graham Cluley, senior technology consultant for > Sophos. > > "This is old-school malware - seemingly written to show off a proof of > concept rather than a serious attempt to spy on and steal from computer > users. A financially motivated hacker would have targeted more widely used > software and not incorporated such a bizarre image. This is not a piece of > malware which we expect to see spreading in the wild, despite its use of a > photograph of unusual wildlife." > > > > --~--~---------~--~----~------------~-------~--~----~ FOSS Nepal mailing list [email protected] http://groups.google.com/group/foss-nepal Community website: http://www.fossnepal.org/ -~----------~----~----~----~------~----~------~--~---
