"A new worm is being distributed within malicious OpenOffice documents. The worm can infect Windows, Linux and Mac OS X systems," according to a Symantec Security Response advisory. "Be cautious when handling OpenOffice files from unknown sources."
Apple's Mac OS is not a virus-free platform, said Jan Hruska, who co-founded rival antivirus firm Sophos and was one of the first ever PC antivirus experts.
"Viruses on the Mac are here and now. They are available, and they are moving around. It is not as though the Mac is in some miraculous way a virus-free environment," Hruska said. "The number of viruses coming out for non-Mac platforms is higher. It gives a false impression that somehow, Apple Macs are all virus-free."
The worm was first spotted late last month, but at the time, it was not thought to be "in the wild."
Once opened, the OpenOffice file, called badbunny.odg, launches a macro that behaves in several different ways, depending on the user's operating system.
On Windows systems, it drops a file called drop.bad, which is moved to the system.ini file in the user's mIRC folder. It also executes the JavaScript virus badbunny.js, which replicates to other files in the folder.
On Apple Mac systems, the worm drops one of two Ruby script viruses in files respectively called badbunny.rb and badbunnya.rb.
On Linux systems, the worm drops both badbunny.py as an XChat script and badbunny.pl as a Perl virus.
Symantec rates the worm as a "medium risk."
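As an added example (not part of the original article or Symantec's advisory), the Python below triages an OpenDocument file for embedded macros before anyone opens it, and checks a list of paths for the file names the article says the worm drops. It assumes the standard ODF package layout (a ZIP archive with macro libraries under `Basic/` or `Scripts/`); the function names are hypothetical and the sample document is constructed and inert.

```python
import io
import zipfile

# File names the article says the worm drops (taken from the text above).
DROPPED_NAMES = {"drop.bad", "badbunny.js", "badbunny.rb",
                 "badbunnya.rb", "badbunny.py", "badbunny.pl"}
# Assumption: embedded Basic libraries sit under "Basic/", other script
# languages under "Scripts/" inside the ODF ZIP package.
MACRO_PREFIXES = ("Basic/", "Scripts/")


def triage_odf(data: bytes) -> dict:
    """Inspect an ODF package for macro content without opening it in an office suite."""
    report = {"is_zip": False, "macro_entries": [], "event_bound": False}
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return report  # not an ODF package, or a damaged one
    report["is_zip"] = True
    with zipfile.ZipFile(io.BytesIO(data)) as pkg:
        names = pkg.namelist()
        report["macro_entries"] = [n for n in names
                                   if n.startswith(MACRO_PREFIXES) and not n.endswith("/")]
        if "content.xml" in names:
            # Read at most 1 MiB so a decompression bomb cannot exhaust memory.
            with pkg.open("content.xml") as fh:
                xml = fh.read(1 << 20)
            # An event listener means a script is wired to fire on a document event.
            report["event_bound"] = b"script:event-listener" in xml
    return report


def dropped_file_hits(paths):
    """Return the paths whose base name matches a file name listed in the article."""
    return [p for p in paths
            if p.replace("\\", "/").rsplit("/", 1)[-1].lower() in DROPPED_NAMES]


def build_sample(with_macro: bool) -> bytes:
    """Constructed sample package: placeholder text only, no real macro code."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as pkg:
        pkg.writestr("mimetype", "application/vnd.oasis.opendocument.graphics")
        body = b"<office:document-content>"
        if with_macro:
            body += b'<script:event-listener script:event-name="dom:load"/>'
            pkg.writestr("Basic/Standard/Module1.xml", "<!-- placeholder -->")
        pkg.writestr("content.xml", body + b"</office:document-content>")
    return buf.getvalue()


if __name__ == "__main__":
    for label, flag in (("clean", False), ("macro", True)):
        print(label, triage_odf(build_sample(flag)))
```

A document that reports macro entries or an event binding is not necessarily malicious, but it is the kind of file the advisory's "be cautious" warning applies to.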
Munir Kotadia of ZDNet Australia reported from Sydney.
On the other hand, if there are Mac OS X viruses in the wild, actually infecting computers, I wish Sophos, McAfee, Symantec, or someone would publish this information.
How am I supposed to tell all my Mac users to be careful when no one can cite a single infection outside of the lab?
Come on guys, give me some help.
Linux infringes on hundreds of patents, we just can't find them.
OO has a worm, but we can't find a single instance of it infecting anyone outside contrived lab setups.
Show us a real world OSX virus or worm, or even one for Linux.
In the lab it is trivial to exploit any OS and put malware on it. The only truly damaging viruses or worms in the past 20 years have been written for an OS that makes it trivial to write malware that can spread itself around the world: aka Windows.
these anti virus companies are always finding new virus to protect
us from? Sure..., that's their job...., but they always seem to have
the right fix at the right moment. It's enough to make you
speculate who the root cause of these viruses are.
AV companies are wise to do the Chicken Little thing to spark sales in their products.
it's not a virus free OS..??? Funny, I thought this article was
supposed to be about a cross platform Open Office WORM, not an
OS X VIRUS..!!
What I'd like to know (and the article conveniently avoids) after
this worm drops a few files here and there just WHAT are these
so called "bad boys" supposed to be doing on the different
platforms..??? Since Symantec rates the worm at "medium risk"
I'm guessing short of giving the worm/virus (whatever it's
supposed to be) outright admins privilege on the Mac this thing
isn't going to do much (hence the convenient non-mentioning
of what it can or can't do on a Mac or Linux for that matter..).
Not running as admin makes it easier to clean up, but most of what needs to be done in a virus or worm can be done from a regular account very easily.
Let them say what they want. We all know that the Macintosh OS is perfect the way it is so there is no need to even bother with firewalls or AV products. I mean geez, one might think you were trying to promote self responsibility or something weird like that.
Macs are perfect, plain and simple.
I would be more impressed if it actually infected 1 machine.
They don't need it. Macs are perfect. :)
This already makes the Perl 'virus' totally ineffective unless the user has administrative access (not common on Linux, our applications are designed properly) and actively searches out and gives this script execution privileges.
The python based X-Chat script can do more 'damage' since X-Chat will execute it directly. However it will still be limited by the standard defence mechanisms of the system and by X-Chat's own APIs.
The article fails to understand a basic fact about Linux. We don't believe it to be invulnerable. We know that viruses and other malware would be restricted by the standard defensive mechanisms of the system. No Linux system is a free for all like Windows, sane separation of privileges is the order of the day. This goes further with most corporate Linux solutions now defaulting to the use of strict mandatory access control defences like SELinux (which was designed by the NSA to be their standard form of security).
Also most Linux distributions will deactivate OOo macros by default.
Your claims concerning Linux are bogus in that they don't tell the full story. It is the same take I have seen from Linux/open source fanatics for years. We don't need that here either.
But of course we will get it anyway. (sigh)
It's impossible. They don't exist. OS X is invulnerable to viruses. That's why you don't need firewalls, anti-virus products, or any other sort of protection.
It's stupid to even consider there could be a virus that could affect a Mac.
There are many here in these forums that can give you page after page of rants about this very case.
Telling OSX and linux users that they are uninformed... yea, we
have viruses, we just don't know it! LOLOLOL
You are the only one saying it will never be exploited.
Just because you can't point out one real world OSX flaw in a world that Windows is exploited daily, doesn't give you the right to pull crap out of your rear.
(1) What happens when the worm drops off the package on OS X? On Windows, the description indicates that the worm drops off a package that acts like a virus. Please clarify as to the impact.
(2) Are we mixing up Worms, Virus, and Malware? Or Symantec is calling all Malware are also Virus? Please be careful on the reporting!
people have been getting all defensive over their stupid OS and we still don't even know what the hell this "virus" does
for starts... I'm a hater... I know it... I have been for a while... I think I always will be...
Mac OSX doesn't do it for me... the idea of Mac on anything makes me feel sick.
I would like nothing better than to see Mac OSX crumble at their knees and all those cocky Mac users would really wish they had been a little less cocky...
but i know that if Mac were to fail in security...
Linux probably wouldn't be far behind
and that would be a bad day
people like to know that they've made a good choice... they like to know that the software they use is better than everyone else's software
my dad could beat up your dad... etc.
I'm sure that any one of us can agree that we love what we use.. and if someone told you that you're obviously an idiot because you chose the wrong side, I'm sure you'd take offense and try to disembowel the poor chap who said it.
I'm also an Atheist... do I go around saying things like
"abandon thine gods, ye tiny brained creatures"
"truly a blessed man is one who believes in his own doings more than a divine fathom of whom he has never met"
"hell hath no fury like a people scorned. Hell is a prison which you create from your own guilt and malice."
no.. I don't say those things... mostly because I'm not sure if that's the proper way to speak archaic English. ( if you can believe, I researched it a little bit just so I wouldn't look stupid in this post)
I don't say that because I'm sure that A. no one wants to hear it because they've already got an idea in their head what they should be living for
B. they'll eventually "see the light" and come over to the Atheist side.
or
C. I'm wrong and I'm going to have a heck of a time trying to eat my ice cream in hell... or wherever I'm going
congrats to all those mac users out there who think that Jobs is a god send...
personally... this is like the arrival of a new baby... I really couldn't care less
unless it's my baby
then i care
Rock on you hopeless Mac, Windows and Linux fanboys/fangirls
~Ryan
I mean, I really don't care. This is not a threat to me. I suspect it is much the same on with BSD based systems like Mac OSX as well. With OSS, any problem that actually does exist will have a fix within 12 hours. Microsoft only does that when their DRM gets cracked.
can be run, deleted, or modified as you. Which, oddly enough,
includes all of your documents, music, movies, and so forth. Its
also possible to use this to install a root kit... so all of those
exploits which no one cared about because you needed local access
to use them? Guess what this is giving you...
"OpenOffice.org 2.0.4 for eComStation and OS/2"
http://www.ecomstation.com/openoffice.phtml
The guys at Symantec can stuff it. A mile wide and 1/8th deep of coverage doesn't cut it. How about some real basic practice: write very clear policies and train everyone on them from the execs on down and verify the effectiveness of technology. No software can tell you if another software is bad or not. Rules and signatures only go so far so every new turn creates the opportunity for compromise.
These are the only ways to ensure a secure and productive network. All the rest is just ******* and moaning, something quite common among the IT professional set. Look at all the budget and overhead and they're still insecure.
Here's the link:
http://www.symantec.com/security_response/writeup.jsp?docid=2007-052303-2513-99&tabid=1
My guess is that the number of infections is right around zero.
CNET does this kind of thing from time to time (as do their sister sites). I think it's because they just can't find anything else to publish - it's the same for all the tech media.
The article is more than a bit odd since it is titled and starts out about "badbunny" and then goes on about the supposed insecurity Apple's OS.
In a week or so, there won't be any article that doesn't mention the Apple iPhone
would any of us open it? Let's cut to the chase
here, and say what all this bragging is about.
Now, would any of us here open a document of
unknown provenance with an ability to run
potentially harmful macros? SERIOUSLY???
Also, if I were to open this file, I'd put in a
LiveCD of any distro of Linux (probably ubuntu,
since it has OpenOffice on its disk), and voila!
I can see exactly what the file does. Actually,
I might try that... just for fun. That way, no
harm done!
All this fanboyism that's going around really
hides the truth of the matter. On a forum, it's
better to talk about the news, not the flamewars
people are trying to start.
- NICE STORY HAH HAH
-
by mocefish
June 13, 2007 10:40 PM PDT
- SO BAD BUNNY IS HOPPING ALL OVER EVERYBODY'S COMPUTER THAT WAS DUMB ENOUGH TO OPEN IT. WHAT MOST PEOPLE THAT LOOKED AT THIS STORY WANTED TO KNOW WAS WHAT DOES IT DO? MAYBE THE REPORTER FORGOT THIS PART OF THE STORY OR MOST OF THE REST OF THE POSTERS WERE JUST TOO HAPPY TO JUMP ON A MS OR OSX BASH...