Advertisement
Promo

Security threats Toolkit in association with http://ad.doubleclick.net/clk;214682528;14505427;f?http://uk.blackberry.com/ataglance/security/

OpenOffice worm hits Mac, Linux and Windows

Munir Kotadia ZDNet Australia

Published: 11 Jun 2007 09:03 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Malware targeting OpenOffice documents is spreading through multiple operating systems including Mac OS, Windows and Linux, according to Symantec.

According to the Symantec Security Response website, the worm is capable of infecting multiple operating system platforms and is spreading.

The advisory said: "A new worm is being distributed within malicious OpenOffice documents. The worm can infect Windows, Linux, and Mac OS X systems. Be cautious when handling OpenOffice files from unknown sources".

The worm was first spotted late last month but at the time, it was not thought to be "in the wild".

Once opened, the OpenOffice file (badbunny.odg) launches a macro that behaves in several different ways depending on the user's operating system.

On Windows systems, it drops a file called drop.bad which is moved to the system.ini in the user's mIRC folder, while executing the Javascript virus badbunny.js that replicates to other files in the folder.

On Apple Mac systems, the worm drops one of two Ruby script viruses in files called badbunny.rb and badbunnya.rb.

On Linux systems, the worm drops both badbunny.py as an XChat script and badbunny.pl as a Perl virus.

Symantec rates the worm "medium risk".

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Did you find this article useful?
44 out of 72 people found this useful


Full Talkback thread

2 comments

  1. Symantec chanweiyee
  2. Very funny Worm yamane

Company/Topic Alerts

Create a new alert from the list below:




Video icon

Video

Sentry Posts Blog

Nasa hacker petition presented to Numb...

Sting's wife Trudie Styler and Janis Sharp have presented a petition to Number 10 calling for Nasa hacker Gary McKinnon not to be extradited to the US. Styler, and Sharp, who is... More

Post a comment

UK to appoint cyber-sec tsar?

The UK is to appoint a cyber security tsar along the lines of the US, according to a story in the Telegraph this morning. The story is similar to one that appeared in the Guardian... More

Post a comment

Nokia Siemens denies Iran web snoop

Nokia Siemens has denied providing deep packet inspection capabilities to the Iranian authorities, following an article in the Wall Street Journal on Monday. The WSJ published the... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

Newsletters