SCF Advanced Search

  • Total Posts: 40158
  • Total Topics: 14266
  • Online Today: 749
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)

Author Topic: Bad Bunny  (Read 2804 times)

0 Members and 1 Guest are viewing this topic.


  • SCF Global Moderator
  • *****
  • Posts: 1076
  • KARMA: 22
  • Gender: Male
Bad Bunny
« on: 08. June 2007., 20:20:35 »
…was the case that they gave me. SB.Badbunny, a fairly novel OpenOffice macro virus that attempts to spread via IRC. The novelty comes partly from the attention-grabbing trendiness of working on Open Office and many Unix-based operating systems (Linux and Macintosh included), but also with its use of a variety of scripting languages to improve portability. Badbunny doesn't just use the OpenOffice macro language, but has components written in Ruby, Javascript, Python and Perl.

What makes this virus worth mentioning is that it illustrates how easily scripting platforms, extensibility, plugin-ins, ActiveX, etc, can be abused. The rapid development nature of these platforms applies to the latest Web 2.0 websites as well as the latest malware threat. All too often this is forgotten in the pursuit to match features with another vendor. Fortunately, in this case the ease-of-use of these scripting languages attracted an amateur developer who wrote multiple critical bugs in the code, causing Badbunny to barely replicate.

Given that web servers is one area where operating systems are still mixed and matched, and where the open-source webserver Apache rules [3], the ability for malware to survive in a cross-platform, cross-application environment has particular relevance as more and more malware is pushed out via websites. How long until someone uses something like this to drop a JavaScript infector on a web server, regardless of platform? Well, we've already seen even more sophisticated attacks, with 3rd party advertisers, redirecting iframes, JavaScript and ANI/ActiveX vulnerabilities. Malware authors have even turned this into a c2c (criminal to criminal) business of sorts[2] . They just didn't advertise it with a man in a bunny suit. They were trying to make money.
# Online Anti-Malware Scanners:,734.0.html

Samker's Computer Forum -

Bad Bunny
« on: 08. June 2007., 20:20:35 »


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising