Login:
Password:
Lost Password?
Print this article  |  E-mail this article  |  Comment on this article

First StarOffice, OpenOffice Virus Found

By Ed Oswald, BetaNews

May 31, 2006, 3:34 PM

Security researchers may have found the first known virus for StarOffice and OpenOffice.org. According to a Kaspersky Lab researcher, the exploit is known as a "macro virus," previously only known to infect Microsoft Office applications.

Kaspersky researchers have named the new virus 'Stardust.' "Stardust is the first virus I know of which is theoretically capable of infecting StarOffice and/or OpenOffice," researcher 'Kostya' wrote Tuesday. "It's written in Star Basic. It downloads an image file (with adult content) from the Internet and then opens this file in a new document."

Stardust is a 'proof-of-concept' virus, or one created to demonstrate how vulnerabilities could be exploited for malicious purposes. Even so, it continues a recent trend of malware and viruses appearing in places where most would least expect it -- be it UNIX, Linux, or even Mac OS X.

Up until recently, most computer users have incorrectly assumed that the plague of malware was a "Windows-only" issue. However, such an assumption has challenged both security researchers and hackers alike to find issues in non-Windows based clients, and for the most part, they have been successful in doing so.

Macro viruses for Windows have already caused trouble. At least once in the last year, one was used to launch an attack against Office users, and still unpatched holes leave open the possibly that more could occur before the Redmond company has a chance to act. Microsoft is expected to release an update for Word XP and 2003 in early June.

Sun, which creates StarOffice and supports the OpenOffice.org project, had not commented on the issue as of press time.

Add a Comment (28 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By utomo

edited Jun 1, 2006 - 11:08 PM

Where I can get more detail info about this, and also the sample if possible ?
Thanks

I found
http://www.securityfocus.com/brief/218

Score: 0

By GCoder

posted Jun 1, 2006 - 11:16 AM

Come on open-source guys, double up. We can do better!

Score: 0

By acey99

posted Jun 1, 2006 - 11:13 AM

Virus or Worm?

does it do damage or does it just open a file ?

accoring to this, just opens the file, no damage.

this is a worm.

no deleting of files, no ads, no malitious acts.

Score: 0

By templar™

posted Jun 1, 2006 - 11:36 AM

It's a "proof of concept".

Score: 0

By Babylon2x

edited Jun 1, 2006 - 10:25 AM

The whole open source virus thing becomes pretty tiresome.

I think what annoys people most about those who support open source software is their reaction to every Microsoft product-related threat, always saying the solution is using open source, like Linux, or Open Office!

But wait, open source isn't perfect either. I believe if it became as widely used as Microsoft products have, there would probably be just as many security threats coming its way.

For the amount of people using MS products, I don't see half as many uptight comments trying to push aside anything that pisses on their holy grail. Whenever some open source software problem is found though, you get endless people trying to stick their head in the stand and prove why it isn’t really a real threat.

Hell, it’s becoming worse than religious debates. Why can't we just run along now and stop being childish.

For the record, I use both MS and open source software such as Linux, Open Office, etc. And I couldn't care less which people decide to use, but I am pretty tired of finding all these uptight comments whenever something is found against open source software. It seems to have more fan boys than MS judging by the reactions you always read here to an MS threat and an open source one.

Score: 0

By Kramy

posted Jun 1, 2006 - 2:58 PM

To answer your question...80% of PC owners are sheeple. 10% are knowledgible, and the other 10% of people that own a computer are probably running Macs or Linux. That means we should get 50/50 on both sides of any debate, since the 80% are somewhat out of the loop.

Score: 0

By dwaterman

edited Jun 1, 2006 - 11:51 AM

Are you trying to turn this discussion into something that it isn't?

No one here has claimed open source is infallible, but it is safer to use in many cases because it is rarely targeted.

Score: 0

By bourgeoisdude

posted Jun 1, 2006 - 5:18 PM

His point is that as soon as Open-source overcomes Microsoft (if that even happens), open-source, if nothing else, will be MORE vulnerable because the vulnerabilities are so easily accessible to the public. Faster fix, yes, but easier breaks too.

Score: 0

By dwaterman

posted Jun 1, 2006 - 5:48 PM

I understand his comment, but I don't think that it is a given... I don't necessarily agree that open source is more vulnerable.

Score: 0

By PC_Tool

posted May 31, 2006 - 11:09 PM

Stardust is a 'proof-of-concept' virus

'Nuff said.

All you haters can crawl back under your rocks.

Score: 0

By jspratjr

edited Jun 1, 2006 - 4:24 AM

"Stardust is a virus"

'Nuff said.

Score: 0

By PC_Tool

posted Jun 1, 2006 - 8:55 AM

Right. We're all shaking in our boots since our beloved Office Suite has been comprimised...

...oh wait, it hasn't.

You do know the difference between 'Proof of Concept' and 'In The Wild', right?

Score: 0

By jspratjr

posted Jun 1, 2006 - 2:24 PM

Ahhh...let me see, "Proof of Concept" - "In The Wild"...ummm...that's tough....but I believe I get it. Quit being so narrow-minded - of course your "beloved Office Suite" hasn't been compromised but Pandora's box has been opened.

Score: 0

By PC_Tool

posted Jun 1, 2006 - 7:25 PM

LMAO.

Yeah, okay.

Apparently you don't.

Score: 0

By jspratjr

posted Jun 1, 2006 - 8:47 PM

LMAO.

Yeah, okay...apparently YOU don't (trying thinking outside the box if your brain can handle it)

Score: 0

By PC_Tool

posted Jun 2, 2006 - 9:09 AM

How does a POC harm the suite in *any* way.

What's the point?

Anyone with a *brain* knows that no app is impervious to viruses. So the POC is only "proving" something we already knew.

Yeah. We're shaking in our boots now, genious.

Score: 0

By Kramy

posted Jun 1, 2006 - 5:21 AM

"Stardust is a virus that is not spreading or in the wild, but represents a threat."

How's that?

Score: 0

By eclipsingdivinity

posted May 31, 2006 - 10:00 PM

I find it strange how office suites are targeted by viruses. Why? Can't you infect Myspace IM or AOL Desktop Search? Do something interesting viruses...sheesh.

Score: 0

By Philosophieren

edited May 31, 2006 - 6:09 PM

Opensource or not - it isn't a matter of being vulnerable to viruses, but a matter of speed of fixing "holes". Say, if your bulletproof jacket costs 1000$, it doesn't mean it will protect you against AK-47. Everything is vulnerable, and that's the proof.

Score: 0

By ZenWarrior

posted May 31, 2006 - 5:47 PM

Once again...it's just a matter of picking your poison.

Score: 0

By rijp

posted May 31, 2006 - 5:09 PM

Yeah, all you nay sayers that said opensource isn't affected by virus, would you care to recant those words?

This is PROOF, its ALL a matter of time.. and presence.

Score: 0

By PC_Tool

posted Jun 1, 2006 - 8:58 AM

would you care to recant those words?

Nope. There are still no ITW viruses for this product.

Yeah...it's possible. Did anyone *really* need proof? A virus can be written for any product on any OS. It's always been a "matter of time.. and presence".

Anyone who thinks otherwise is an idiot.

That said, OOo will very likely *never* reach the point in popularity / market-share that it is likely to be targeted by such things.

Score: 0

By ogman

posted May 31, 2006 - 8:16 PM

yawn. did you actually say anything?

Score: 0

By dwaterman

posted May 31, 2006 - 10:40 PM

...you certainly didn't.

It is only proof that it is possible, but until it is targeted it means very little.

Score: 0

By AaronDobbins

posted Jun 1, 2006 - 8:29 AM

I am curious to know what your reaction would be if this were a 'proof-of-concept' on a Microsoft Windows or Office-related virus.

Additionally, do we know that it hasn't been targetted yet just because it wasn't widespread? You have to consider the number of users of OpenOffice against the number that would get infected with the virus.

Score: 0

By dwaterman

edited Jun 1, 2006 - 11:38 AM

"I am curious to know what your reaction would be if this were a 'proof-of-concept' on a Microsoft Windows or Office-related virus."

My reaction would have been the same...

Based upon the way the article reads it is a vulnerability that hasn't been exploited. It would seem unlikely that anyone seeking notoriety would create a virus that would effect such a small demographic.

Score: 0

By PC_Tool

edited Jun 1, 2006 - 9:03 AM

Stardust is a 'proof-of-concept' virus

The above means it was created in a lab. It is not ITW. A simple test case for those foolish enough to believe *any* product is secure.

My reaction to this is the same as my reaction to *any* PoC malware. Big frigging deal. For their next trick, I suggest proving the world is flat.

Score: 0

By dingomutt

edited May 31, 2006 - 5:51 PM

I'm not surprised by this. The more people use open source stuff the more it's going to become a target.
All the people claiming that open source is much, much more secure than something closed source are living in some imaginary world.
Even though this virus is a proof of concept it doesn't take much for someone to bring it out into the real world.

Score: 0

Nov 21 - 6:51 PM ET Coalition urges better laws for e-mail and cell phone privacy

Nov 21 - 6:42 PM ET How is Internet advertising faring in this bad economy?

Nov 21 - 6:15 PM ET From out of the Amazon Cloud, an AWS winner emerges

Nov 21 - 5:20 PM ET Mufin music finder enters public beta, adds widgets

Nov 21 - 5:01 PM ET Google launches its SearchWiki semantics plug-in

Nov 21 - 4:57 PM ET Asus previews a slimmer, less costly Eee PC

Nov 21 - 4:32 PM ET New Adobe Media Player ushers in AIR 1.5

Nov 21 - 2:11 PM ET AT&T to add Pantech's low-cost C630 phone to 3G lineup

Nov 21 - 1:11 PM ET iPhone gets firmware 2.2 update

Nov 21 - 11:51 AM ET The Dell surprise: Higher earnings on lower revenue