Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
    Digg this story   Add to  
OpenOffice virus reaches across platforms
Published: 2007-05-23

A virus writer with something to prove has written a proof-of-concept OpenOffice document to demonstrate a way to infect Windows, Linux and Mac OS X systems with a single script.

The virus, dubbed BadBunny by antivirus firm Sophos, is a script embedded in an OpenOffice Draw file and performs different actions based on the host's operating system. On Windows, the program drops a file for the instant messaging client mIRC that attempts to spread the virus. On the Mac OS X, the program places two Ruby scripts that attempt to propagate the file, and on Linux systems, BadBunny drops scripts written in Python and Perl to copy itself to other systems.

The program, which has not been seen in the wild, seems unlikely to spread, said Graham Cluley, senior technology consultant for Sophos.

"The group responsible for writing the BadBunny malware (doesn't) seem to have much confidence in it spreading as they have sent it directly to our labs," Cluley said in a statement.

The proof-of-concept virus is not the first to target OpenOffice: A year ago, a group of virus writers sent the Stardust OpenOffice virus to antivirus firms. While OpenOffice has not attracted many attack, online thieves have started exploiting flaws in Microsoft's dominant Office software to create attacks aimed at infiltrating computer systems within government agencies and corporations.

The latest proof-of-concept virus for OpenOffice poses little risk to users. According to Sophos, it received its name from the files it attempts to create during infection as well as a pornographic picture involving a man in a bunny suit.

Posted by: Robert Lemos
    Digg this story   Add to  
Comments Mode:


Privacy Statement
Copyright 2009, SecurityFocus