Trojan Using Sony DRM Rootkit Spotted

Discussion in 'Computer Security' started by Imhotep, Nov 10, 2005.

  1. Imhotep

    Imhotep Guest

    "The Register reports on the first trojan using Sony's DRM rootkit. A newly
    discovered variant of the Breplibot trojan makes use of the way Sony's
    rootkit masks files whose filenames begin with '$sys$'. This means that any
    files renamed this way by the trojan are effectively invisible to the
    average user. The malware is distributed via an email supposedly from a
    reputable business magazing requesting that the businessperson verify
    his/her attached 'picture' to be used for an upcoming issue. Once the
    payload is executed, the trojan then installs an IRC backdoor on affected
    Windows systems."

    http://www.theregister.co.uk/2005/11/10/sony_drm_trojan/

    Imhotep
    Imhotep, Nov 10, 2005
    #1
    1. Advertising

  2. "Imhotep" <> wrote in message
    news:...
    > "The Register reports on the first trojan using Sony's DRM rootkit. A

    newly
    > discovered variant of the Breplibot trojan makes use of the way Sony's
    > rootkit masks files whose filenames begin with '$sys$'. This means that

    any
    > files renamed this way by the trojan are effectively invisible to the
    > average user. The malware is distributed via an email supposedly from a
    > reputable business magazing requesting that the businessperson verify
    > his/her attached 'picture' to be used for an upcoming issue. Once the
    > payload is executed, the trojan then installs an IRC backdoor on affected
    > Windows systems."
    >
    > http://www.theregister.co.uk/2005/11/10/sony_drm_trojan/


    Good call, but did you see:

    http://www.theregister.co.uk/2005/11/10/password_hashes/

    El Reg is /always/ worth checking out, assuming that you either have
    something close to a British sense of humour, or possibly a
    cynical/jaundiced view of the Industry.

    Not associated with the site, you understand!

    --

    Hairy One Kenobi

    Disclaimer: the opinions expressed in this opinion do not necessarily
    reflect the opinions of the highly-opinionated person expressing the opinion
    in the first place. So there!
    Hairy One Kenobi, Nov 10, 2005
    #2
    1. Advertising

  3. Imhotep

    Imhotep Guest

    Hairy One Kenobi wrote:

    > "Imhotep" <> wrote in message
    > news:...
    >> "The Register reports on the first trojan using Sony's DRM rootkit. A

    > newly
    >> discovered variant of the Breplibot trojan makes use of the way Sony's
    >> rootkit masks files whose filenames begin with '$sys$'. This means that

    > any
    >> files renamed this way by the trojan are effectively invisible to the
    >> average user. The malware is distributed via an email supposedly from a
    >> reputable business magazing requesting that the businessperson verify
    >> his/her attached 'picture' to be used for an upcoming issue. Once the
    >> payload is executed, the trojan then installs an IRC backdoor on affected
    >> Windows systems."
    >>
    >> http://www.theregister.co.uk/2005/11/10/sony_drm_trojan/

    >
    > Good call, but did you see:
    >
    > http://www.theregister.co.uk/2005/11/10/password_hashes/


    Good article...very good.

    > El Reg is /always/ worth checking out, assuming that you either have
    > something close to a British sense of humour, or possibly a
    > cynical/jaundiced view of the Industry.


    My God, do you realize we have agreed on two topics in two days? What is
    wrong with us? :-o

    By the way, I am half French half English (strange mix eh?). Maybe that is
    why I like the Reg???

    > Not associated with the site, you understand!
    >


    Imhotep
    Imhotep, Nov 11, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Goro
    Replies:
    1
    Views:
    506
  2. Goro
    Replies:
    0
    Views:
    457
  3. nemo_outis

    Sony DRM Rootkit

    nemo_outis, Nov 1, 2005, in forum: Computer Security
    Replies:
    56
    Views:
    1,678
    thunderbird
    Nov 11, 2005
  4. Pat

    Sony using rootkit for copy protection

    Pat, Nov 3, 2005, in forum: Computer Support
    Replies:
    12
    Views:
    473
  5. =?Utf-8?B?V2lsbCBCaWVybWFu?=

    Can Sony's DRM rootkit be installed on x64?

    =?Utf-8?B?V2lsbCBCaWVybWFu?=, Nov 21, 2005, in forum: Windows 64bit
    Replies:
    6
    Views:
    343
    Piers James
    Nov 22, 2005
Loading...

Share This Page