|
|
|
Researchers Pinpoint First StarOffice Virus
By: Matt Hines
2006-05-31
Article Rating: / 1
There are 0 user comments on this Network Security & Hardware story.
Security apps specialist Kaspersky Lab identifies what is believed to be the first proof-of-concept virus code created to attack Sun's StarOffice suite and its open-source iteration, OpenOffice.Security researchers at anti-virus software maker Kaspersky Lab have isolated a new virus aimed at Sun Microsystems StarOffice productivity software and the open-source version of the programs, OpenOffice.
Labeled "Stardust" by Kaspersky, based in Woburn, Mass., the virus exists only as a proof-of-concept attack at this point, according to the company, which said it has not had any reports of security exploits related to the threat, or of versions of the program that have been launched into the wild with malicious intent.
 For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.
Sun representatives didnt immediately return calls seeking comment on the StarOffice virus discovery. StarOffice is marketed as a direct alternative to Microsofts dominant Office suite of productivity applications, with better security being touted by Sun as one of the primary advantages of the software over its rivals product.
Kaspersky reported that the Stardust virus attempts to infiltrate StarOffice and OpenOffice by using macros, which can be used to execute certain actions within document files. While such attacks were once more popular among virus code writers, the technique has become less prevalent based largely on the fact that security-minded users know the threats can be stopped simply by disabling macros for the infected program.
Click here to read why an eWEEK Labs review concluded that the OpenOffice productivity suite has the edge over its relative, Suns StarOffice.
Kaspersky analysts said the program is something of a throwback. "You might wonder whats interesting about this, [as] viruses have been around for a long time and are starting to fade from the scene," a researcher identified only by the name Kostya wrote on the companys blog site. "But if you look more closely at the name, you can see why Im interested: Macro viruses usually infect [Microsoft Office] applications."
Based on those factors, the company said the virus may well have been authored by so-called script kiddies, younger hackers looking to build unique viruses to establish their reputation among malware writers, rather than to cause problems or generate profits with more serious attacks.
Kaspersky said the Stardust virus is crafted inside of a StarOffice document that can utilize macro controls that can then infect other files. According to the researchers, the program is written in Star Basic and downloads an image file with adult-themed content from the Internet which is then opened in a new document in the system. Once opened by a user, an attack built from the proof of concept could then infiltrate every StarOffice text document residing on the individuals computer.
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
|
|
�������xr80�VӮc�]mT![rYST婎PP"$M�{%Ο�� 7I%_ϖ˖�"Ld&�D��?;;~$riOɹc,,Jv1أ&w$5wv~]4Y*
dx���@Բ|W��軫�F]̩(�P�?`���᳑(,��%7n\R_ƾQ85'M�Lb�q& �*N�0o�dб!ZdI}9e(��feo6
usʾVWR\W{Qxgچs[7q*sؙ�7:�)UU�e=,�#Ko�VVa(λW~d@.z;ggQa'H
Hw&
LT*jZ*�ΓLCa�:z���`9rM7J�Q߹�~ISC �Ina�>E�4aEU}dnhЖ-AA9A,�3sA4
̠+`W:k 9zq}Ҿ~^{}rһ"qYxG0p��Z_Zz�fc�߮C"A"0Mߑʾ�#3��\v,ZκǤ uXۃ6��2t7Q[,w.
�RJGX*V�� Qh�F5
tA��%�e9"���:��Pƚf}�{ -ͨn�#d��i��&/F��h-
@ho�*K��Lr
&@Sk~�$M�5ņ]�)!etFS{ۤ%/P*B�-)\D7h+�ԜW�S�EI7#DD�
v�x�W��"ʥ��g�p1SUҽT,�[�\28�>]7kDm.�s5-wjxˢ�aZVp�x=mtZOW6_.=t[�:0Wb}Phv�ZM]�qsuժ�J�,�PQW*&�r/�f[Ԗ-Pò˔A'
_���6aϩ>w��b�鶝x�>:AGA�ticŦwh4O@�L�r�Ӈt��u@�>�+�ߙ�wGݺ~LnXŞ+�Sm�}0CG�E�6]�LR}j;>t��HhR0<�sx70ܚ[s_�#]ӽk:F��?L`#0.Z-{����Be^~�}�¢�PsO�>ȁ7`sD[ݴiǀxX).�%w2Z}g%n.G)))?�]HPw9�J�
B�!B��0H��`P|;;�.V+�\y"�*M':Μ3T+J�x&S,BV-KᗄPf%i2m<�-&D7r"�.G wKᙖ&@F\jIIJMCA��IqT:Zۯ(�Czt�Ȋ*ğ�wM��ҵ'�.�6`�]?b�n;N�%}&*�ߙḺ �->֔MGYS�=̜;"z
[�q3�7o�j�ab#�ޛl~9)4+��p�4C�}�52{B�`r�FVedң!�?�p*JNC_kVzq}v7MAV?�R�y
�|;�p��9E#rUϚX� 5<9.�&B#5w�c��lBaLrUuIYiJ
US5��
LqK).E3gNl㜜3F]s;tOk{_&뽵Zd~�$/gcPoWu�JiO[�&��9ފ9²93�F]��RYJKY$"�X�Rvӱ�ϥ5ò�=C�M*�&Io�k7C��SsbR6q�jrIi3#S�Oo^�viz\N�6Y`�aP�eQ@7MVRQy�:zǎ�As,0H;k\m|f:���?&نdpܙDhS�+}ne�DIuU[33R�%\�T8e\4�8�L XbOF�\F��Kzn//,�g+IguMٓ.ZL՜L|r�N �YX�=:=4̄�+ubZ'TM!�<ݝlZA_a֚v��gjE)jL$�P�/#[յ��3q,˹˧�sq,-EZ!禽��`�mYT81G[/O#BM��Dd�
s8uTU��֜�/zOј.�lE+Jc�\�COњy]ֹ32-R^6=>8Ԣ\Q߀+�KRM0])Xk±�&>,3yEW��>Ѐ�ap���"}����je���4>�\Rb�r>+�eT07)5*�Iy�-"P�ˇ%Ŵ�谢��tڧ�s!�a*73� Z|�O�z^*k19ɡUUR;,Z
8+��8]e��t41 9t&�~y09׃|<4F�tE�kJoο�Cu�>pȥK-ޫ�c�Z$ c`3E��_��s;OW�rL�[)N<:�`��r]TՖ>��l/���Џ]���Mt��Akߙ�,
�ܠɠ
0ԴgKZ/*�0�nG�-<��K�$�Xc�L3nh
0�7X[�%}�v�zoJ6Et0Ȉ�NÝ�GlȡTj�3};`[�%J�y�V�9y�]%��fZ+a1oM*=<^5AYd^E3pS<ܪ�+_�|s���A7m="JL7Ϧ3h�{9A[D" 5r?_mϼ��!p+�*騫VIe0&30�҃ ek&�w%f�*9<�l:��sݿy�jm�==#}|pL�YE�+琩os�C/�
ƻ~rn�Au3��U�sf>
��L|�`�y3'GuE|�\D"pLn����ȈDrz�T|1'y�f?�yT*JZ��$*q� �{u9p\s8j�K#oh�ߪ�靦]�y��1`}~w]����fCr~8�D)�zŽJ�vi�Խhwu@*�V%�?\>]yC�[�qoU�h3 J@�FS�$bw}|ɾWszZ^�a؆:'0BZ@�ID*Gw.>t/ėt{g+~Ju/:R1ARz0�&:~8`O:�a�Ӻ
�?>m48f�`
xѤĢ8"cxH;~idL�i���Wq];WY0z)B3ZOUc z
Au<>Du0c�R쬩 30�qJh"�:�Q%;�)~ڰO�ϣ�#��+y-EY-V
ɏX��z�Sa��J��f� S�Ӣ_,�wuO5mO涉�X{k O�~ؑqD�t2Ti�'�X6
}huӅ[e�Цw�yv$sm�#�.�3>^Y��l}�DK{,a<�q�ͷ�v"/;~�\@Fs��RɵiLiPweNx>HАߚS=p9#�M�LMݷ͆ܓ�Xwݿw_tNiimǡ8�5��0N|*4P$EUՊZFﯾ"2�NIJa':��}L9z�d�M�#}9��Jf�z��Ӽ2hAda>7�<}|C7跷�bS
o���Y.=]awQxIݣ뻻TÞ6vYiEu�.K\�-"PnǸx${qI5.tu�?-K`\To�y^f} ,$.Egg�"fFc�8өEE[o\{mef7�6@!{��zc�G�]MA���Ui
��l�{�;g
#1? <�v2�.�߮�ݘ�8)<�A~A<
vD�4�)[7y:F}ha3��⫆��,(0iE0pDVa�%$\}5 ߈;6bE�#Ɠtǟ-cz�p:i��p*9ߘ�����P�??\=3q� x
�Fȓqi+Bb�<��h�0dm�,�xD9vނ'.`_u��c�H�-}h�њPvHD�O"�h@=0
ql2ϩR�FC-_|��]`銿܌�ț,�&J,��R ��1>v.]0/&#�6\�✝�`ԤX�}plcY�0%#�D �f�
Qe3O>�uۈcp'O�.��yn&&ĤۍL�Jlqp'`!�%�;F f���TtJ1�Y�8��n`G�\,OMVAf�:$Qm&1b9|q�ь�]͂rTSN�8-�^�#Mc[�*nG23�4o�JSuL��1E�B(Z*aYfi9ϝΉvR�[%�d�fI&*qIMl!kbs|&r�%KRUCޮ8(_�Wsf�"eSXR63�o@zII�/$)#1�#BroI�^s]ꀬQ"GRNSRE,3 [ݜL�<��9�_�FQ_-�C�8Ma6P&�)kjp5Q9
�
z�#�bd�'PBbP���Am�`2D�;�S�V3�xI6{lv�ԏ! ���OdסK%�[Vx}of9Y��Hw6
��yFD41�fF�S� o�ܵ�J1&X#RBbn)={pU_*,�4ADOL��9{I"��BB=:g�ZF rφϼ3\0s-��\F-�p�HB7/�uGon1o80 V3Srnz��%�4Sh�~�Vl62ӡ.i�I-�ڦ�Cl�(I#x��ۀچc��^xQv�Wtׅ�dhٵڈYѣs疮$>zWʲ�7Z~$�w
[M9݃�[�yG�¡$5Vfȃ�$8�Ǧpo�QqDb�&$�X�í�!��]�D/�.ޮcb�>&:F&?�K\WHΑG}S낅�0�[;�hO�?�>`qy�!Z�z8R��~�xr1̢Av1S.Z{@
aL7�s"/FxG�luy)<&ř߱ExȹS�`܀w)ZWqGZ6
���?fT��,�G{��#9/!�f�,̍~ �PAgt~D)3:fɈD)/�[�G(opwnc䭽եd?�?~܉nd ?s��� lH?I82OXo*�D2E��o7
<�7�n���P���w�ķk�ē;uͮYqG^Ue�vZPN|l:.,+Bjj}o�S]?
DŢW\̸�#)5@,6a��)ȁ.c�1�ʱ, <~܉.X!"p[iZ4�#^䀲9L��'Ʈ"��Jj��adw$ƽRt�EϹcL�G�l&ꤾMmMi
@�ja�#blZO�'p.$XDJPa
��c8wQ%�&���^Rl&vn�&i�\95�͒E� 41�^xՔ}ub?=G/utIkb"]I1xy��[/̀+5fL3P;lNz� yԥ:BMEWTUBhr�F�,GZ|^c�a:k�6z^C �GLnGao=!v}cK[7�86�]4_q�=!o7@'�ՙHY�,ݾY��yr�:h
7p�K�$:M�sr8X�!x��lSaZǥ �~�
� �s��*1aZ�~�RQ�ߡ�Ɯ9_
#uMi
fGǁ@k]Egw#ɕF:ssʧ��,TO䲈֞uζü�cn?yKj
Y�e8.�qB�):-sN�%a|ȤG�V$b�X�~z�78>&-� '��+j17�
w=kt�zive{qt�ϩ])���xo/�5&o�I{-�lsb�O�6;0ڱ�J J
ݫ��?RRmF��96z_ayZܾ\`{Ű|g�eZ`3+nsl+ZKȶ8+ilwIQg)q8�@�ȩn붩��t�t KǦ/HkYT�x7"Yu?l�q1<>*1Xrt1Іֿ͘�&|ɈsZ��19)�oL�W<00t#PγjN�T]OpYqN �&�^�8'��:{ћWZ-�Fã�/�|�T2/b3-ɤ#�E>xAn��1K= o~{@ܦr
�q,&�-E||z['Au}�H?Km1-珖+62���Ո���_�ٹt>"?gs?��>zx�d���k�`�Cߑ7@G���G��/F6���C�OwE)�dP; wMGE���<^ֽ?�#7L>�O��Y�� \S-�r9GnѹxuW�1"�9'p�h�\`sjܪ@KK*2&�B�s�85��or~�tN�n�O�KZ�&�6@@P0H��7ã�J!F$%�dB1fH
�[�6#&|-Q(](�ӽ(}|u/�[?� T6CĊ�1�gGiX$_A�I6F�K<�E���T��&}�nA=bAa~N�!�RF�·:��Y��&i0s�s���Xg�KS��a|Ln�aи/nG# s3d�f):.
l9�:j�eO�g�>{0u���K
���RC´vxW<6& .ycI�� �^yN4_L�83��2���{x�C�bRWkJ%|�u���3ʰ�LXU+��/�ͪg2Vq&JZ!�J�`x�FA
dhz߃J-
̱G|�LBz،\�3ݾ�>`R�rһ"-rrUr]Y��Ra[k��|Uwz/ǽ/'UbPh��|j5<6�ideAN.Z�f,(�\=\h���,�^;KKvE 3@cqy�^ qG(?��xe3ʋ KNa21-Sj:O
;��N|vuIc:|jq h��Q`1D��'MM�o���
)ns9�E�Mj^+Q_:�v<)��s_sʯ*�)Ay/�9}]��;9P~]~�9ɡ��埲Oi7.4r_7^C9/4?sʿ@3��fy�9�<@��}ss��yß92zg(S~
9䔟CyN9E^\�E@rO�K/G\�\%Կ̩�s?}�?��_PO_r3+�>�9~P~W�{ÿuN9$)g�V.qv*esS^)4rR�}W�W�K}(gU�s�V^�Va�{Cjg�U_?Gޫ@/q�{yk'�R+��]yKxM}%kgV�[K�rP+ȣ�_�K^浽Ie< x�EqB+�g�ل�@CX{#uO'NW4C�ﹺKd^ WsM}ӉzZ?Ś/J�Yy<�q�sj��Ⱦ>w-9�(c#h2�{HO8ѭ=\�z[��xY0@x`b��MtK�n
��yɻ
%>�|
#r�75iyn�hg?>/�ydVVյ/#B5Af_b
9y?'OxVfw�}�4;(�w�oRgU=j{��4o�q�a� �F��x7�j�܌��
>w?]u�_k�ҹh
/[�:졽7J쓥?�
}̃oDV�)pF �F�,R+|c ,��Oa4�D�=C9fhNhRGsn �?L�g
�n�ǖ�$
Rp�#ZִZjVU�?'W�+5�#:�Q5YUdN.'�jUeR�L��3B��/(�@#غ7M{%}C7"8fȳRLq�
u+ҷ�J�!'\C�xߏ ѩ|FCW2f�dy3K `lQKpkx;r(�q �?,�(�s��Y^F�lO��B/�#V��x/0-yjv1R�
��V{�[1g3D��:'�$q8Sk,��ӄ��Y!D˸�f�z4}�z<87mJ)�l1@�й
z�9d�Ldp!gB-Kt�^@e�D�K*3B'!c�jϗ07:aKƈ��DM�KIn�.)p
H-���I_5�B3u{^�9x��/��C4|'o*�qm�X�?�ap��N&�o,�Lw u�-�I��փN�Ί�Zq��xL´k̯P;f@L��V80>�/jxhd9Mk��_$G3x_'05:�%�xl�Ӎ�Qf���r{^f$j�A+�_acY���Z,�.�S@8>�cc>H[8=ۺ9|؆"�1w]W�-}~K5 D 9bWM1LOٽd9$2fǃB�mu?�\v�ix!F+�2#0' MĮkfAj3�̴�n�RϥxU-7�H�&�G�� ?�>KGJ��Ǝ�$z
0qy��0r�'�Sr�]\ʧ�%NA1W]f��A_f|bOh�>\�s7n:r�M�h.�Yx+�DN焽�2�m5�e�Ԣ̱"t/I߱��98q��6a`a?�>V@>EՋpaHz�~Ơ#)�e h
kk!�t^зkdUuPə�
Bx��,+
O*_n,j9.KPRJ��Vr.Q
?f�0UZVAxqԱx*�DܺlQ���qmdx�}�҂A�RL/Tvy*3*>�% �/�1-i�ë%^�cHPWFׁݜV���Xo|
8l�O.�d�6]�CF|�eK��y
9D/7agJ��D ϱ.y*�3@FWD0;"6����Zyc�KE�%&(Xp\'A2tmw)QKW-�9���B<�oc3�9+ot-(�odV@8],ӟ�~H϶I�5�"`�w�|i[��1JpC)�tO�U˰��CVt3B�׀o^��zX�տd�2>�ΘRnãÍGX�Ǹӭ��[+�qy>` <ЩAA\bXe�ܜ�1YF��Ѩ %^VDg�d
�)/߶33pݜS¶"�yXO�Fb�,LڙBz�r�<���+γ+�/�`2�u~�/'�8K�IZ���e�pCikIW�;;abV�
�XâVWqTR:!�;
د�D?8-�ciL��;ecXJ�XF!&�7�O80�Ux|�-h\l�}[}pX���˱>%hw2bo�_���(4�3}E.t�G�z.R@ђ�ڝ4��!wj��/e=;`on����g�s7*O�Р~oPVK�G�3�HZ�\֓}\/mt; o]��F駰a1RU>\J�RSk$5WY�ͦG(� �wm&l2)v}ml-c6�C-;�݆�kZ&��
|
Network Security & Hardware 
