|
|
|
Top Stories
|
First Trojan using Sony DRM spotted10 Nov 2005 13:25 Roots you, Sir
Virus writers have begun taking advantage of Sony-BMG's use of rootkit technology in DRM software bundled with its music CDs. Sony-BMG's rootkit DRM technology masks files whose filenames start with "$sys$". A newly-discovered variant of of the Breplibot Trojan takes advantage of this to drop the file "$sys$drv.exe" in the Windows system directory. "This means, that for systems infected by the Sony DRM rootkit technology, the dropped file is entirely invisible to the user. It will not be found in any process and file listing. Only rootkit scanners, such as the free utility RootkitRevealer, can unmask the culprit," warns Ivan Macalintal, a senior threat analyst at security firm Trend Micro The malware arrives attached in an email, which pretends to come from a reputable business magazine, asking the businessman to verify his/her "picture" to be used for the December issue. If the malicious payload contained in this email is executed then the Trojan installs an IRC backdoor on affected Windows systems. Romanian anti-virus firm BitDefender confirms that the malware is in the wild but a full technical analysis of the Trojan is yet to be completed. The response of anti-virus firms, some of which have only promised to flag up rather than block system changes made by Sony-BMG's rootkit, remains unclear. ®
Track this type of story as a custom Atom/RSS feed or by email. Related storiesSony to exorcise 'rootkit' from USB drives (4 September 2007)
|
Breaking Hardware News
When Nvidia - allegedly - entered into an anti-Atom alliance with VIA, it was really preparing the ground to improve its negotiations with Intel. Allegedly. So say the latest rumours about rumours about rumours.
Newsletter |
|
![[Printer]](/Design/graphics/icons/printer_friendly.png "Printer-friendly version"){kind=icon}
![[Mobile]](/Design/graphics/icons/mobile.png "The Register Mobile"){kind=icon}
Previous Article
