Open source: New target of malware?
The recent OpenOffice worm may be a sign that malware writers are starting to target the increasingly popular open-source software, industry experts say.
First discovered last month, the OpenOffice macro-based worm is spread through a file called badbunny.odg. The worm, named SB/Badbunny-A, affects OpenOffice users on Windows, Linux and Mac platforms.
In an interview, Wilvin Chee, research director of IDC's Asia-Pacific software research group, noted that the OpenOffice worm could be an isolated incident, but it could also be a sign that malware writers are starting to capitalise on the rising popularity of open-source software.
"But we have to see how much of this malware is coming out into the open," Chee said.
Symantec said the prevalence of the Badbunny worm in the wild is "very low". The impact on businesses and consumers has so far been minimal, thanks to coding errors in the worm that limit its ability to spread, Symantec said. As of 12 June, the security vendor has not received any new reports of the threat from customers.
Ooi Szu-Khiam, senior security consultant at Symantec Singapore, said that the author of the Badbunny worm has clearly noted that OpenOffice has been downloaded over 80 million times, and saw in it the opportunity to create something that could work across many platforms.
"Malware creators are always on the lookout for new avenues to exploit in order to spread their worms and Trojans, and the home-user sector is a particularly attractive target," Ooi said.
According to Symantec's latest Internet Security Threat report, 98 percent of all targeted attacks in the Asia-Pacific region are aimed at consumers.
Ooi noted that open-source software in itself is not more vulnerable to attacks compared to proprietary software. He added that history has shown that the majority of security flaws are still found in closed-source and proprietary software from vendors such as Microsoft, Oracle and IBM.
Moreover, Ooi said, if open source is a key reason for security vulnerabilities, there should be more instances of vulnerabilities in open-source software, but this is currently not the case. "The popularity of a software and/or operating system is still the major factor in determining its attractiveness to malware creators," he noted.
Ooi said that malware creators, such as software developers, have always been looking at ways to write software once and run it on many platforms.
"If you can develop something that will work reliably across Windows, Linux and Mac, then you'll obviously get a lot more bang for your buck," he said. "Malware creators are also in pursuit of this goal."
Ooi added: "As long as there is a potential to profit, cause widespread disruption, or to be the first to create a malware, you will find malware creators pushing the envelope in those spaces".
"The constant evolution of threats has proven malware creators to be very creative in their endeavours," Ooi said.