funsec mailing list archives
Gee, thanks Sony!
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Thu, 10 Nov 2005 14:02:24 -0500
IT <http://it.slashdot.org/> : Trojan Using Sony DRM Rootkit Spotted Posted by Zonk <http://slashdot.org/~Zonk/> on Thursday November 10, @12:15PM from the gift-from-sony-to-you dept. <http://slashdot.org/search.pl?tid=172> Security Analise <mailto:anaili () gmail com> writes "The Register reports on the first trojan <http://www.theregister.co.uk/2005/11/10/sony_drm_trojan/> using Sony's DRM rootkit. A newly discovered variant <http://www.bitdefender.com/VIRUS-1000058-en--Backdoor.IRC.Snyd.A.html> of the Breplibot trojan makes use of the way Sony's rootkit masks files whose filenames begin with '$sys$'. This means that any files renamed this way by the trojan are effectively invisible to the average user. The malware is distributed via an email supposedly from a reputable business magazing requesting that the businessperson verify his/her attached 'picture' to be used for an upcoming issue. Once the payload is executed, the trojan then installs an IRC backdoor on affected Windows systems." ( * <http://it.slashdot.org/it/05/11/10/1615239.shtml?tid=172&tid=233> Read More... * 255 <http://it.slashdot.org/it/05/11/10/1615239.shtml?tid=172&tid=233> of 335 <http://it.slashdot.org/article.pl?sid=05/11/10/1615239&threshold=-1&tid=172 &tid=233> comments * it.slashdot.org <http://it.slashdot.org/> )
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Gee, thanks Sony! Richard M. Smith (Nov 10)