Slashdot Mirror

← Back to Stories (view on slashdot.org)

First StarOffice Virus Sighted

Posted by ryuzaki0 on from the batten-down-the-hatches-maties dept.

Sam Haine '95 writes "News.com is reporting on the creation of Stardust, a virus which uses macros to attack StarOffice, Sun's office suite. The malware was written as a proof-of-concept code to show what might be possible rather than as a serious attempt to create a new attack vector." From the article: "The pest is written in Star Basic. It downloads an image file with adult content from the Internet and opens that file in a new document, according to Kaspersky's posting."

9 of 166 comments (clear)

  1. A Virus by CastrTroy · · Score: 3, Insightful

    Is this really a virus. It downloads and displays and image with adult content, and displays it. It doesn't run any malicious code, doesn't touch your file system, and doesn't leave any trace after it has run. Sure, you may get in trouble at work, if it downloads the single image, but I think that most IT departments would understand, and wouldn't be able to do much for you for downloading a single image with adult content.

    --

    Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    1. Re:A Virus by Golias · · Score: 3, Insightful

      A "Proof of concept" malware example for a non-Microsoft product, such as StarOffice or OS X, is demonstrated in a controlled lab: Big news!

      An actual virus which utterly cripples Windows PC's is discovered in the wild: Business as usual.

      That's pretty much all you need to know about Windows and MS-Office.

      --

      Information wants to be anthropomorphized.

  2. Learning period by suv4x4 · · Score: 4, Insightful

    The more open source products get used, the more their authors will realize that it's not enough to be l33t to write a secure product.

    It will also require tough and down-to-the-ground tough work such as researching the worms out there and patching the product out.

    Another thing is: you can never "fix" the user, there will always be the guys to run attached executables that promise hot porn and FREE MONY!.

  3. Bypass mechanism by 16K+Ram+Pack · · Score: 3, Insightful
    Not enough specifics. Does this bypass the "do you want to run macros?" because if so, it's a virus, if not, it's a stupid user virus.

    I'm all for protecting users from their own stupidity, but in the end, there's a point where people stop having any power at all.

  4. Re:it's still basically a OS security issue by Otter · · Score: 5, Insightful
    If this happened on a Un*x machine (Sun, HP, Linux, BSD), the damage would be confined and limited to what the user had unprotected. It would be highly unusual for a Un*x user hit with a StarOffice macro exploit to have enough exposure to compromise the system.

    We have this discussion all the time, but once more can't hurt: on single-user Linux systems or Unix workstations, losing $HOME is far more serious than losing system files.

    --
    What I'm listening to now on Pandora...
  5. Re:Why go through the trouble? by sidfaiwu · · Score: 3, Insightful

    The point is that the image is downloaded and displayed without the user doing anything other than opening the document. The 'proof' is that the code executed even if the user did not want it to. The download-and-display-an-image code could easily be replaced with more malicious code. That is the 'virus' part.

  6. Re:it's still basically a OS security issue by anagama · · Score: 4, Insightful
    If this happened on a Un*x machine (Sun, HP, Linux, BSD), the damage would be confined and limited to what the user had unprotected. It would be highly unusual for a Un*x user hit with a StarOffice macro exploit to have enough exposure to compromise the system.
    For me, the system is the least valuable area. I have system cds and if it gets borked, I can reinstall and reconfigure. A hassle "yes", end of the world "no". What concerns me is all the irreplaceable content in my home directory. In my home dir, I have all the privileges I need to ruin it all. Now, I keep backups because I know that all computers always fail (at some point in time), but most people are pretty cavalier about backing up stuff. Of course, when I backup, I only backup my data because really, the system is stupidly easy to replace. A person who loses all their baby pics due to a malicious macro isn't really going to care that their printer config is still good.
    --
    What changed under Obama? Nothing Good
  7. Is this really a virus? by xutopia · · Score: 3, Insightful

    Pardon me for asking but doesn't the definition of a virus include duplication? All I hear is that some code can download a picture. How does it "reproduce" itself and infect other stations?

  8. Re:it's still basically a OS security issue by I'm+Don+Giovanni · · Score: 3, Insightful

    "People who don't backup /home every night deserve everything they get."

    But even if you did backup every night, what if some malware corrupted some documents in /home? Maybe changed some vital data in a spreadsheet? Maybe the change would be too subtle to notice, and you're spreadsheet would start producing incorrect calculations due to the incorrect data, unbeknownst to you. And when you did your nightly backup, guess what, the corrupted spreadsheet gets backed up as well, so now your backup store is corrupt.

    --
    -- "I never gave these stories much credence." - HAL 9000