June 11, 2007 4:57 AM PDT
OpenOffice worm Badbunny hops across operating systems
- Related Stories
Expert: IT industry has failed in desktop securityMay 21, 2007
New OpenOffice version includes security upgradeApril 4, 2007
OpenOffice patches 'highly critical' flawJanuary 5, 2007
Security from A to Z: Open sourceNovember 27, 2006
OpenOffice security is questionedAugust 14, 2006
OpenOffice patches three security holesJuly 5, 2006
Stardust virus lands on OpenOfficeMay 31, 2006
OpenOffice celebrates anniversary by squashing bugOctober 13, 2005
- Related Blogs
French researchers find OpenOffice more vulnerable than Office
July 24, 2006
OpenOffice password crack is open to abuse
April 24, 2007
"A new worm is being distributed within malicious OpenOffice documents. The worm can infect Windows, Linux and Mac OS X systems," according to a Symantec Security Response advisory. "Be cautious when handling OpenOffice files from unknown sources."
Apple's Mac OS is not a virus-free platform, said Jan Hruska, who co-founded rival antivirus firm Sophos and was one of the first ever PC antivirus experts.
"Viruses on the Mac are here and now. They are available, and they are moving around. It is not as though the Mac is in some miraculous way a virus-free environment," Hruska said. "The number of viruses coming out for non-Mac platforms is higher. It gives a false impression that somehow, Apple Macs are all virus-free."
The worm was first spotted late last month, but at the time, it was not thought to be "in the wild."
Once opened, the OpenOffice file, called badbunny.odg, launches a macro that behaves in several different ways, depending on the user's operating system.
On Apple Mac systems, the worm drops one of two Ruby script viruses in files respectively called badbunny.rb and badbunnya.rb.
On Linux systems, the worm drops both badbunny.py as an XChat script and badbunny.pl as a Perl virus.
Symantec rates the worm as a "medium risk."
Munir Kotadia of ZDNet Australia reported from Sydney.
71 commentsJoin the conversation! Add your comment