Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43424
  • Total Topics: 16521
  • Online today: 2651
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 2
Guests: 2643
Total: 2645









Post reply

Name:
Email:
Subject:
Message icon:

Verification:
Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

shortcuts: hit alt+s to submit/post or alt+p to preview


Topic Summary

Posted by: Amker
« on: 08. June 2007., 20:20:35 »

…was the case that they gave me. SB.Badbunny, a fairly novel OpenOffice macro virus that attempts to spread via IRC. The novelty comes partly from the attention-grabbing trendiness of working on Open Office and many Unix-based operating systems (Linux and Macintosh included), but also with its use of a variety of scripting languages to improve portability. Badbunny doesn't just use the OpenOffice macro language, but has components written in Ruby, Javascript, Python and Perl.

What makes this virus worth mentioning is that it illustrates how easily scripting platforms, extensibility, plugin-ins, ActiveX, etc, can be abused. The rapid development nature of these platforms applies to the latest Web 2.0 websites as well as the latest malware threat. All too often this is forgotten in the pursuit to match features with another vendor. Fortunately, in this case the ease-of-use of these scripting languages attracted an amateur developer who wrote multiple critical bugs in the code, causing Badbunny to barely replicate.

Given that web servers is one area where operating systems are still mixed and matched, and where the open-source webserver Apache rules [3], the ability for malware to survive in a cross-platform, cross-application environment has particular relevance as more and more malware is pushed out via websites. How long until someone uses something like this to drop a JavaScript infector on a web server, regardless of platform? Well, we've already seen even more sophisticated attacks, with 3rd party advertisers, redirecting iframes, JavaScript and ANI/ActiveX vulnerabilities. Malware authors have even turned this into a c2c (criminal to criminal) business of sorts[2] . They just didn't advertise it with a man in a bunny suit. They were trying to make money.

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023