Under certain conditions the Froot worm can send system broadcast messages via the 'wall' command. These can take a variety of forms, including ASCII art and the phrase: "Hi, I'm Casper, I am a bored Sun developer and I wrote this piece of code."
One of the ASCII art messages that can be broadcast displays an offensive message, another shows a picture of a talking turkey:
"Most attacks today are targeted at computers running Microsoft Windows, but that doesn't mean that businesses running UNIX and other operating systems don't need to take security seriously," said Graham Cluley, senior technology consultant at Sophos. "This worm takes advantage of a security hole in Solaris's telnet service that was first disclosed last month. Vulnerable businesses would be wise to install the vulnerability fix from Sun, and consider disabling telnet."
"Although all new malware attacks are serious, it doesn't seem like that Sun Solaris threats will eclipse the virus problem on Windows anytime soon," continued Cluley. "The correct response is not to panic, but to take sensible action to ensure defenses are in place, software is patched whenever a new vulnerability is announced."
