Monday, June 11, 2007

Malware Targeting Multiple Operating Systems

According to ZDNet a new worm is targeting OpenOffice. Worms are nothing new but this one has a macro that targets Windows, Linux and Mac OSX. As far as I am aware, this is the first time malware has targeted multiple operating systems and I think it could be an ominous sign for Linux and OSX users that have essentially been untargeted by malware writers. Writing zero-day exploits is difficult but most operating systems are behind on patches, which means that if it is now easy to load multiple exploits into malware, the next generation of virus and worms could spread much more quickly as they infect everything they touch. Furthermore, Linux and Mac users may have some bad habits that make them susceptible to malware. Many Linux users don't use anti-virus on their desktops and Mac users may not be in the habit of updating patches as Apple historically hasn't released nearly as many as Windows.

From ZDNet:

"Once opened, the OpenOffice file, called badbunny.odg, launches a macro that behaves in several different ways, depending on the user's operating system.

On Windows systems, it drops a file called drop.bad, which is moved to the system.ini file in the user's mIRC folder. It also executes the JavaScript virus badbunny.js, which replicates to other files in the folder.

On Apple Mac systems, the worm drops one of two Ruby script viruses in files respectively called badbunny.rb and badbunnya.rb.

On Linux systems, the worm drops both as an XChat script and as a Perl virus."

Labels: , , , ,


Post a Comment

Links to this post:

Create a Link

<< Home

Powered by Blogger