TechSpot en EspaņolMost Popular
| Top Stories | Just in | Featured |
11 awesome applications you've never heard of featured
Microsoft to offer three-user Windows 7 Family Pack?
2K Games offers "Huge Game Pack" on Steam for $54
Fallout 3 gets 50% price cut on Steam this weekend
Apple issues advice on iPhone 3GS overheating
Firefox 3.5 breaks 5 million downloads in 24 hours
TechSpot RSSInformation Technology
Sony DRM used for malware!
Well, didn't we all see this coming?! The use of rootkit technology in DRM software bundled with Sony CDs has been exploited by virus writers! A new variant of the Breplibot Trojan takes advantage of the fact that Sony-BMG's rootkit DRM technology masks files filenames which start with "$sys$", by dropping the file "$sys$drv.exe" in the Windows system directory.
This means, that for systems infected by the Sony rootkit, the dropped file is entirely invisible to the user. It will not be found in any process and file listing. Only rootkit scanners, such as the free utility RootkitRevealer, can unmask the culprit," warns Ivan Macalintal, a senior threat analyst at security firm Trend Micro.
Arriving in an email, the malware appears to originate from a reputable business magazine. If installed, the Trojan installs an IRC backdoor on affected Windows systems.
This means, that for systems infected by the Sony rootkit, the dropped file is entirely invisible to the user. It will not be found in any process and file listing. Only rootkit scanners, such as the free utility RootkitRevealer, can unmask the culprit," warns Ivan Macalintal, a senior threat analyst at security firm Trend Micro.
Arriving in an email, the malware appears to originate from a reputable business magazine. If installed, the Trojan installs an IRC backdoor on affected Windows systems.
Related Stories
