Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Cross-Platform OpenOffice Virus Proof of Concept

Published: 2007-05-24
Last Updated: 2007-05-24 20:08:18 UTC
by John Bambenek (Version: 1)
0 comment(s)
A virus writer sent a proof-of-concept virus called BadBunny to Sophos that uses vulnerabilities in OpenOffice to infect Windows, Linux and Mac OS X. Depending on the host operating system, the virus will perform different actions to infect the target machine. In this case, it downloads a lewd image of a scantily clad woman and a dude in a big ol' bunny suit. It's not the first or last attempt at such cross-platform virus writing (or the inclusion of bizarre graphics in malware) but the limitation of seeing much of this cross-platform work lies in the fact that few applications are widely deployed and run on multiple operating systems. Few people use OpenOffice (in comparison to MS Office) to make it worth the while of a would-be attacker looking for anything other than bragging rights. However, viruses are possible for a variety of operating systems (yes, including Mac OS X) and the day may come when those users will have to be just as vigilant as those on Windows.

--
John Bambenek / bambenek {at} gmail [dot] com
University of Illinois at Urbana-Champaign
Keywords:
0 comment(s)
Diary Archives