Openoffice Worm Hits Mac, Linux And Windows

[benzkids 0]

i found this on zdnet

According to the Symantec Security Response Web site, the worm is capable of infecting multiple operating system platforms and is spreading.
The advisory said: "A new worm is being distributed within malicious OpenOffice documents. The worm can infect Windows, Linux, and Mac OS X systems. Be cautious when handling OpenOffice files from unknown sources".

In an interview with ZDNet Australia on Thursday, Dr Jan Hruska, who co-founded rival antivirus firm Sophos and was one of the first ever PC antivirus experts, said that Apple Mac's are not a virus-free platform.

"Viruses on the Mac are here and now. They are available and they are moving around -- it is not as though the Mac is in some miraculous way a virus free environment.

"In terms of numbers, the number of viruses coming out for non-Mac platforms is higher. It gives a false impression that somehow Apple Macs are all virus free," said Hruska.

The worm was first spotted late last month but at the time, it was not thought to be "in the wild".

Once opened the OpenOffice file (badbunny.odg) launches a macro that behaves in several different ways depending on the users operating system.

On Windows systems, it drops a file called drop.bad which is moved to the system.ini in the users mIRC folder, while executing the Javascript virus badbunny.js that replicates to other files in the folder.

On Apple Mac systems, the worm drops one of two Ruby script viruses in files called badbunny.rb and badbunnya.rb.

On Linux systems, the worm drops both badbunny.py as an XChat script and badbunny.pl as a Perl virus.

Symantec rates the worm "Medium Risk"

update Malware targeting OpenOffice documents is spreading through multiple operating systems including Mac OS, Windows and Linux, according to Symantec.

ok i use this every day and i'm scared that i will get a worm and stuff. i'm always connected to the internet and i have sym,antic but i'm still worried.

are you??????/??

[shadowx 0]

Am i worried? No.the worm is spread via the document thats listed there, the way to avoid infection is to only open files from those you know and trust, if you get an email that says "look at this" with an attachment dont open it. To me it doesnt sound like it was written by a super hacker as the way it spreads, works and is named isnt very sophisticated, anyone can write a macro!Just keep your firewall and A/V updated and dont open any type of file from anyone you dont recognise, and even if a friend sends an EXE file dont open it unless you asked them to send it as some virri can infect things like msn and send themselves like that, so unless you asked someone to send you a file dont accept/download it, and if you did ask for it then virus scan it before you run it!