BAdBunny (was Re: Antivirus for Ubuntu )
peter.garrett at optusnet.com.au
Fri May 25 05:22:25 UTC 2007
On Thu, 24 May 2007 20:00:42 -0700
NoOp <glgxg at mfire.com> wrote:
> [click on 'Advanced']
> - On Linux, it drops a file named badbunny.pl that is a Perl file
> infector also detected as SB/BadBunny-A.
Well ... interesting commentary at
Also ( quote) from
It is possible in any capable macro language, including those in
OpenOffice.org, to write simple 'virus-like' programs. Currently,
OpenOffice.org follows industry best practice to mitigate the risk. If the
software detects macros in a document being opened, by default it displays
a warning and will only run the macro if the user specifically agrees. In
any macro-capable tool, it is essential to verify the origin and
authenticity of the document before executing macros. To this end,
OpenOffice.org has also included advanced digital signature capabilities.
Not suggesting we should be complacent, but it seems from the above that
infection would be an egregious case of PEBKAC here.
Also entertaining is this
The worm, which has not been reported at any customer sites, downloads and
displays a pornographic picture of a scantily clad woman with a man
dressed as a rabbit.
Which goes on to say "The group responsible for writing the BadBunny
malware don't seem to have much confidence in it spreading as they have
sent it directly to our labs. The hackers have written plenty of StarBasic
malware in the past, but the most 'in the wild' this one is likely to get
is by displaying a picture of a furvert in the woods," said Graham Cluley,
senior technology consultant for Sophos."
Of course, clicking on Windows virus attachments is classic PEBKAC as
well, so it's worth being aware of this kind of stuff.
You're right that this kind of thing will become more common if Linux
starts to take up more on the desktop, though.
More information about the ubuntu-users