Proof of concept OpenOffice worm discovered

By Justin Mann on May 22, 2007, 2:53 PM
The first proof-of-concept worm aimed at OpenOffice users has emerged, though at this time it doesn't present any danger to end users. The cross-platform worm uses the built-in StarBasic scripting language for OO and can infect Windows, MacOS and Linux installations of OpenOffice. It uses various methods to propagate itself, including sending itself through DCC transfers via IRC and uses various different scripting languages to get itself running on whatever machine it infects. Interestingly enough, the motives behind this worm don't seem to be world domination or even widespread infection. They voluntarily handed the worm over to Sophos, who was able to identify it:

"The group responsible for writing the BadBunny malware don't seem to have much confidence in it spreading as they have sent it directly to our labs. The hackers have written plenty of StarBasic malware in the past, but the most 'in the wild' this one is likely to get is by displaying a picture of a furvert in the woods," said Graham Cluley, senior technology consultant for Sophos.
Due to this and the nature of the code itself, it is unclear whether it would have even spread in the wild. A proof of concept is just that, and not an indication of any particular issues. What security flaws have been exploited aren't made clear, so hopefully Sophos and other security companies will release information on the scope of this. Either way, it is certainly not something to be concerned about, though it is interesting.




Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.