|
|
|
Researchers Pinpoint First StarOffice Virus
By: Matt Hines
2006-05-31
Article Rating: / 1
There are 0 user comments on this Network Security & Hardware story.
Security apps specialist Kaspersky Lab identifies what is believed to be the first proof-of-concept virus code created to attack Sun's StarOffice suite and its open-source iteration, OpenOffice.Security researchers at anti-virus software maker Kaspersky Lab have isolated a new virus aimed at Sun Microsystems StarOffice productivity software and the open-source version of the programs, OpenOffice.
Labeled "Stardust" by Kaspersky, based in Woburn, Mass., the virus exists only as a proof-of-concept attack at this point, according to the company, which said it has not had any reports of security exploits related to the threat, or of versions of the program that have been launched into the wild with malicious intent.
 For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.
Sun representatives didnt immediately return calls seeking comment on the StarOffice virus discovery. StarOffice is marketed as a direct alternative to Microsofts dominant Office suite of productivity applications, with better security being touted by Sun as one of the primary advantages of the software over its rivals product.
Kaspersky reported that the Stardust virus attempts to infiltrate StarOffice and OpenOffice by using macros, which can be used to execute certain actions within document files. While such attacks were once more popular among virus code writers, the technique has become less prevalent based largely on the fact that security-minded users know the threats can be stopped simply by disabling macros for the infected program.
Click here to read why an eWEEK Labs review concluded that the OpenOffice productivity suite has the edge over its relative, Suns StarOffice.
Kaspersky analysts said the program is something of a throwback. "You might wonder whats interesting about this, [as] viruses have been around for a long time and are starting to fade from the scene," a researcher identified only by the name Kostya wrote on the companys blog site. "But if you look more closely at the name, you can see why Im interested: Macro viruses usually infect [Microsoft Office] applications."
Based on those factors, the company said the virus may well have been authored by so-called script kiddies, younger hackers looking to build unique viruses to establish their reputation among malware writers, rather than to cause problems or generate profits with more serious attacks.
Kaspersky said the Stardust virus is crafted inside of a StarOffice document that can utilize macro controls that can then infect other files. According to the researchers, the program is written in Star Basic and downloads an image file with adult-themed content from the Internet which is then opened in a new document in the system. Once opened by a user, an attack built from the proof of concept could then infiltrate every StarOffice text document residing on the individuals computer.
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
|
|
�������x}r8qռ�Fsw1E�)%[r�ZJU*$)KRv4s%ΟS%3n�DZL8�["�h4��Aȅ�=%(ٟ;ȧGM�Ij}ݻ@�Ci�fA)R c3,
D廚�f�w2vS;^��> \?g#Q;Y|�%x�_'Щ=ѩ�dF,hw|J|Oo\R_ƾQ85'-�Lb�q& �*N�0�,-,�P8"%˱h]
�X*~!c1 ߷$|}䛿Q=|e�3��75m( CTJJd/B(?N&��c-~Ǿ{N�Z0/Pcw��0}ҖGdl9�r4x�;2o֡Cl�v�y!h�
��#�gKͻ�H͠L@d`jI:B�"4Ԙ���c2R!1��`pj
)FD�tGL: fK> Pl:x �3~bArxFaYHo*! lpy+J5y0�'C�,]tU6�ԽƷX咽#7 p&XᄍE^����wCg��>_�ɠi!ZdI}9e(��f42M�YUZ=T�q^�*{Q`چ[bTEݙӛ۟�\jJu���u7�[}��gжD^Բz�Cq;�gCrԽx'[��;Az��@m&1�Dj�j��-̆NY7��^z'5�(�F~㖯[�+e��KXOr�])2� �,R:Df9uO�ҽ�vooz.�vOOnz3do̲5<�z]U�j�j
va ?ޛ:7۳5mӿ�
t?N�d#t>�+?_fV'ZV8�1?!"A"pHFPR
�~Od�@'�SRd|*˝a|xyA���z훨-4KW�RH
}xSyx#AX
V�� Qh�F5
tA��%%6ȜS�Hu��t���~sC'C6kiF5��f�!`N�`usa7�@ki��Fk�PY��L`k6�R\� 9lb�K��v!fBy�T9�&�,)|y�U��>I"E[8
JIf({�/3 �BD?C�C���0&pJJv7WpWmCznN73Wj{熷*��.�ϱn{!ՠ.AC�8J�j�p�X.B2iKB0.pԶ7�z06�Vq�*�a���G�g�-dj`q�aeJݠ�ma�Ew_���NI|N
s1o5N<
E�C!ɠ��ڴb�\Zf3�4!!G�&mЀ`;Ah1[7 <]X
K1pA}x�s͂z�&z4H۠h&r<�kIMmLJ.?6� {
G`p���&{�xk�=`D�wKXb L���TE}�vAC-@X�z��][�
�X./�lv66-0�����ť6NHQ�o���2(%dhK�� 4.gP)AH �=[h��� ���99Y�
��0#!bZIZ*'9Zv{B#:#ZR�τJ��Z
z)0ٜ��ʬ$5M�u]ߴ�
ȉ#�o"0�%X����
,gZ
X��uk�{R)�a�iқНLL݄%�1@ϼ'�2H�`0u�?e!1s WQ�'��s�ԟz�Ƌ���n;A��랒%:�\�f3|�fZ1k.`Fa�w4��dӬiCsӆ�g$rTDh���L˄rf�6d\2Q$�45�K�{ıa|�d�N�yvw�=g&.Q1j�4<3_O#k[}�� T|�z[.z:
%�r%�
5kb�$T`CL
�aDm6#k(mER%��G.4,"cm�'ѠԀ�c�D8q_k_��< [ꏪ�>zFs
`'zpg�It�оԦhʰe�h8`Zz8SJ�D%xR.j xH�kMf�٧䩯1ۉ��h0@q�_8Rd"X @��\�~>�B%O$BV���hg��[QZnsC�z�+.aRI?I�
L!2��ݧ�=1g��匬,~5� � d�i�r�S{�jMQRq~*0y/o�'L]�#g2�ޗg8k�Ew澿��4mcRz7�v1�ܦ;pC%s㑏.Sk�c>�# ,c`3��fW��#ST&)ϐP^�c�0]P9)
fJ����?Ex�䒲h3
]lW��1vL__] )�+!L��Γu
O�#%c:Ye:�@�ݐ�%UQl�k:,`w]�0�>AG5�0�qH�&�3�E�6Y^�NwH��yT9JRkEB�ZG
�cqm�@`L ؇dm/J~(+uE؛v1�������ር54��ʝ,��ӁjFB�-rF݂5�m�"uy@VI�JXhQv{_5MOOm(}��n�L��?~׳�Boɧ0�aɴ�(1<2Hہ�3Nnaۤs:n&2006E�-0P>O\Qj�V,09��|փ�u8B�0X�sf~7�
082t?y{�z�&;�wO4nʝ %g��_�?J��[Lߴ'�@V1�0]��̞�̙�A-m��ۨ*X9 6>b�C&l�γ>A��qHlRK�~+'i`9L8��7=KRV�ӳ�$Rq�d
{59p\Semi{}6Oڧ�FA-=w4P)�fMVJA�jm>a,0r6f.qLspIe1��2I*"E�er�8�)L+z
�{[�s/0��ւRC�Ah|?��|ѝzAcE�iܨY<�t1HCʧr�TuQRunیTJ\WϢ
CJNp�i]EB�%3�2hs%p
-B0_\PFͧ.^je�2I$̸yF0ŗ1%G�Kg�oH@lX;Z�k.ܒ(t]2��2&v��˽'j��D@KY�#fCENmHjQƳ$t`��)۳"��%�8tpL\'M=J皿���`_aOn{ܝ9Ҍ�0�F4I]ZEU+U�z^+�'0��4
�pĵ��) ZR= GYdE.��|a�Z^>]q,g$��X9�H(P Y�GۻBlp�I3T!,�g +f[I)xW
}^gx~D*>_
e���2`^=G}#Ao_�ab>&އa&`�}oT/{Zk\�/0C�~zW?H�7W�wG�Q^��ٷg��P �K)rcF16fdk]=`oNt0lg�ݳa�hy+ 8$apؿ�p.7�zWKߧ
?wL.zW])�ް-< rLpBj_>\��(d�0
szm߄� 6b�3�0vhRfA �fF<$]wFMT�()�M{Ù�WB9�I.Dz=d_U�g0Yt8�ьmj�_aY[�XȬU`�|]7$�>T7�1�ұ�=`����`�6Nop}�N�.�P$�BAnp��z!N)1F�E_TJi�)4J6ѓ:�M�%';yRb}�b%&h8Wߥ,Brc���?<-D�s`:S<�@´+G伨��+=�a]bm����EӞ8)v���6S
�
e�foPw [gY.t0w쯾쏰#�d#ޓd=fc\[);3.`�Y��=w6����HE�{��lh�_D(WPY�~4q4ܚxjx<4�m�Yv��?^xxX��\3mD1C:}r�Ű{CW砆I�W����$U��e>x>HАݛS-p溟8#�M�kO_�zfi'��
]sOA}i^wl'-U�fᖎy
J}~l/t>�D(E_g[{c_��$]
Ra/:���Ld�M�#}ӽ��Jf�:���6hAdal�O�C]hj_s1���k~<Ϥ�W�]g���^R�=n
ﲧ}VZ�tC.q�F�)n&^^\RK>\���5@" b]_��I{O�z۠2YX�tjQ�Wg�o
?M'|ȞF8^Z@ɲg)h��2��>
Ac�ؖr�bL�px�2��HB%L˶wVp�N
Ϧv_ O��%�FJM�Y`-Z؎�9%/�(�;a6�*|�b��\<�u� W^M·⎭zgQ�$g�|o(8�N8s{K�4�W�pU_s
2� |kMG�KLBI|�pI�̼V�&�v
�fؓqi+"@ыO�-1-}�O:d|:7mXY=?ڥ˚�˕�wK�t(u~�1�z.�"uU�;"
>b93c^LF�o=+%;V&Ia�tlc�m�%4%#]D �&��Ue�͏>�uۈcx/O���yn&&L�Jlqx/`����;�(f��cUZtJ}MP� ZY,$�.JRAf�:$)�@8=Nbs_��?��X�P4t['&GČ�T��t!g/i߆�.<�Gb>QT�(j�3.�
Ɍ/͒U~BJLJJ$G]q"q�/�ϙ=MaE$p`�,5J5Nx$K�y��{<͚TGd-��9Otǔ.bI�odb.C Qԗ5z�&.4NmXnH2IDhjbppQ9Ə�
z����_ň��OĖ Ox?�yݬ�6�+ɽĆK��A/!�li
ԥ�aJ4^g�;6AyΪG�`&]��L&j&��cx*){�,����O!wn�dDDGiQKg�!QL[~��+IQ$6y�.]ԧKI"`9נS:�挢!}n�o.
A7ʹƞsGmRRU�᧽8ׄA�0� �� UE��sxJzzZ'ay[6,��;�*��|q(]�$ 3>�&DcZ�n"�Vc}�W*)؆"+݉�R!)[ʋ"g
Pu�Y�:/r''X_��0lmNQJeIn��
>csK4O:,�>`&�^0Q$Q-P
|�֣#����Ljo-�_�NI
Quґ>a 'hD�8Dv;�[[PAIl�fyf�
*3K�sߖ%*Jc<��A�;/K�|eG�wWJJ)eؑ|J
4O(��o.o.o.o.?eX0W/9̘@~u�g{Ӡt�~C0%yC1�:Փs�Ϟ6=�J'�Q�֯n9/�lR�u)|(]hKe�4@�ֈ�_�N+p�+RwI%�؆$,�zxN TƔae�W�}u%јnek�w�ؐ�3'&�%
*,-ha/�\Z[�Գ��VbTǼ`F(c�ś�"FJk�-��q�Vm9ȵ�kE����M�K]�uW�M7�dicKX] ~b| V~��mnjk���1uE���|32�wmQin�B36<�z5�80%_a
�ř�C$�D� @$�Z�+Bf;XXԘ?H/
T
Q9;]=ŃrRկ?�Z�Џh: #{Sx/`gj�J⠆Գ1jo
,�0"3B� �����ȞI�֫�]/~趶|Tx�3�#a2�&c?^Hě׀wCk
-ێ>g�� f�^!V�W�8f!(Ӽ`JIB;w-gI)���kD
]H콾7l1g�R1�?�M�4�S�f%^��GPϧN h��Lx�;ކ&gI�(L˃rYJT!/QaQLA�J̢e�^(].\O@vyAM~e#֔jB�bկO�G6qZ.S�a��fx3h�νc�oJP!�v_Kݪ_hxTܷ8#/XH_�#mYᅮ$yd�1����51Y#;Ћg���d��좵��Dxiq�1ƛ��e�3L3`GyxP:P��%����}�-�^zU;{��m`��qԴ}4Ґ`a8O��I}jVFx`$77�g�@�a]I��Y�0�ͦ���0a����um|1v�#oU?&.D%3(, @�^t��hvp^xC)LűI||S q-Rx)�) pS�\�^��[q'�H|�mA58�Ib�b!�iOT�#|ȮtHA��w���Pیя TeQO^t/���]fC:�a$�aZ
�?1vU1h}(F�y�B4�ĸWn9�I��D4677m��V-�D��9��D�NE0V)7�2T@0¼~8�]�bɠ1=���^.ῴl&vf�v�\95%1e!��riF��c%5'Q�͒|��Zӊ,w5]�dDo03�j֘1Fh*B ǯ9-�Qj�5�^�ݬ�RU
BI��?X%��]�Hi�t�3#�m@�/=�z^C֟vn&(m'h�zBRKov�O�%٫3%ɳ0�[}i/&�TLh
7p�K�$:T�uN8X x��lSaZǥ �~�
� �s��9 *1a�z
~rjc7CyQ�9s�SGV�j6*
���eoM�w�ɀ]�CAnTr0]S>=$`zҧ�Ed#u��s�̫URnRw5Zx�
��hx>�#9erI>HP-$�_jwo&q}[2@�
eˡW�qUc\�F�5F^�1RR$��z]ګJL_z��>dY{�" �:w^ac�i7tK16V)to�|�HI �-g~1~"jsa
s)F�ʒ�Vi
ͬ*J=!V\Jc2+":;M[�f�$皭٦v� l�RЁH�.M
?_J m+W4�D�at+nObx
|Tbtb
1�#ZKHd��%�>�OeB���b�2
\�cЭ�B%ϪM;InP}sY?e=`
�'�24/xy�Bʵ/j85��:�UHD8A�3p֢�ZO��a25�+�
SxC�7�)�j�E%=htq�ـ�jSEl�~e:td+��6Ƚ�G:"&s'M؏p�KXS�;"ΈoX�{+$ɽO��g-m*uFf!"��Q��"B�p���.af����@}m"���j�y;暸�Ԗ}tQh0x>e}/q�9$�.zW\Ax{�Bxt\$le>s��{�Z�_0nh�"ķ��>�BZ��s4g1;ٽjP:,1�Iݻa?Ø��{V�Z"_R1��@Qm>�~3�0&gn'!"��L�K6@@P0H��7ã�&"F$�1Ʉb���N�[�6#&|m�I(=(A�~@>{LQXjm��*�!b3wģX,?@�I�F�K<�E���T��&}�fA=bAa~L�!�hRF�·:�Z��&i0s�s���Xc�+wS��a|L�?q|On# s3d�f):.
l9�:jK�15&ƚ��,|�z+$n���K
ቊJ$�P!%�h$bcx=9a93-B2_7==3�}��
=<�RXX_1ԻPj$4�%|:*!dW`NJRM�/]z#�YS^*�ӄ^I+BYY��/ �,HjL�
W�Pɺk�$͈u8�B/>
in�>�Noz^t/x
зpkts|>_>]uozWB`&hT慶��L]$,C
rvվ2;eAq(�Sͅf�.y.r584dG_0C4�We�W[>�JWf�o��Ll+�B=N;�Ԋr�zϏПgg:^.9u�Χ��A=�^Z�+�!Ys�܄q�P��"��!_u�Ф�Ż�`Nj_�(.?m�sP)GN�fw�nN)f�}r�!�>B^u.u
^'��gzW9^N��Z?�r?C���fe\�9_�<@�^�}.ss _ yß92z'(S~�9_BeN9U^\�UAsO�K?G\�\5ԿΩ�s?���?���P_�s�+�> )~P~W�{ÿmN9$)g�vqv�sS^-NrZ�}W�W�KC(g��[�~2:εr�k@A׀~ KI+ťW�
7K\3L1nv�}אG{1Ri� V�{yD�J
� hxVyd�J�
bye?V.%=)>w�懤I��xϕʹ]!&JR˯-cENF9.~QJxdJ$dS3,F�Dkaϡ$%��]#=D~(�s��\�~�<�g܊2�nOArtr m>v+y\�G�^v���^��E�`iBWOTtE�ǻ�80~.�M�HX%P��[�I��6M�Ί�ژq��xL´kLW(MUѝHOi3A ��ap��m
��@%�YM�A�ɉ�(�7 �kDF(�t#by��ܝ0@PJ]Xr����{�P3xX9�5�g[=Ǚo�Pں�wh/��O^�!��M�vc:X3!?gITÓȘ ���bՅr(�pIi�F�)�Hˌx˟$4�n������^|4ې.ūj!fEZ08B8L=Y�}T.q
"�*kH�*s�{B�|% B8̈́r{Չe4Fb G`AtN[�)#,|HNSPwXfH-��-ON��k!|ۃ�7(![��f�&}#K���jST��F\�gȌaiJ'j�:BQZb�mă7�n˽�*9�=�A�Sh4�Wϛ75���UXI%�ލE-Ŝ�z JJ @b
S%Jv,�v{*�/�Oe��;BI<�!�j�v2Gd!᳤c9*;�S�2m(U>r�}7�{�,ݤd/+2b%�l�Hy��tw.�%Cb9G8]!
MIE�`A�]|e�D$g�
�7Eϩf�3�C��>X�읙f�c.Mc(ŬBCd��=�)O?o'[nMG\��U`0vaeh���<ձ]w
�O`7@#>Ƌ�rd{GoU�1$+nvG�D
g>��6'ك|2=xM��1(Fْ[0�ƞ-�GFu:WY �965O���~���0qGĶrC|R4oΝupv�VRv������?H朙/.9�9jʲU '8"U]{Gmm<^|:y-n�E�
�h�ey�* ��A���/ʕbA<\�n2?>Ş�i#*}��@ �(ۉnFTt��5k@4��BG-E6<}܈x~�ͺÀ��
����&^x.،U\)�S�6r)^�FELm®":s k`P
kL~sx9YʐL7\ȏ,,�L[O�C�hXz�=�E"ҁ
)Q~ ��f�K#f�E)[�Rjd�n�~3�f<�4W�6QĶq��y5}yX0#ErKgc&aZ!%rX�gWȀ7H>Y{D,5Rhb:(�Z��0��
��9BMhc{pfi�#�s�S/.f� � A�ixUv�X��c`*F"�\J�JS�$
WY�ͦG(�u �wm&l2)v}ml-c6�C-[{�_R8&��
|
Network Security & Hardware 
