Most Popular
| Top Stories | Commented | Featured |
Weekend Open Forum: Google Chrome OS and the future of cloud computing featured
Tech Tip of the Week: Unearth Region-Specific Windows 7 Themes featured
Google previews its upcoming Chrome OS
Mozilla reveals 2008 revenue, rumors say Firefox coming to PS3
Xbox Live bans prompt class action lawsuit
Sony: PlayStation 3 to be 3D-capable via firmware update
TechSpot RSSInformation Technology
Sony DRM used for malware!
Well, didn't we all see this coming?! The use of rootkit technology in DRM software bundled with Sony CDs has been exploited by virus writers! A new variant of the Breplibot Trojan takes advantage of the fact that Sony-BMG's rootkit DRM technology masks files filenames which start with "$sys$", by dropping the file "$sys$drv.exe" in the Windows system directory.
This means, that for systems infected by the Sony rootkit, the dropped file is entirely invisible to the user. It will not be found in any process and file listing. Only rootkit scanners, such as the free utility RootkitRevealer, can unmask the culprit," warns Ivan Macalintal, a senior threat analyst at security firm Trend Micro.
Arriving in an email, the malware appears to originate from a reputable business magazine. If installed, the Trojan installs an IRC backdoor on affected Windows systems.
This means, that for systems infected by the Sony rootkit, the dropped file is entirely invisible to the user. It will not be found in any process and file listing. Only rootkit scanners, such as the free utility RootkitRevealer, can unmask the culprit," warns Ivan Macalintal, a senior threat analyst at security firm Trend Micro.
Arriving in an email, the malware appears to originate from a reputable business magazine. If installed, the Trojan installs an IRC backdoor on affected Windows systems.
Related Stories
