funsec mailing list archives
F-Secure: One more Bot trying to hide under Sony DRM
From: "Fergie" <fergdawg () netzero net>
Date: Fri, 11 Nov 2005 00:59:25 GMT
I hate to say "I told you so" but I knew that the flaws in the previous malware efforts would be quickly corrected and re-seeded in the wild. Katrin writes over on the F-Secure "News from the Lab" Blog: [snip] Soon after the first Bot using Sony rootkit technology was found another one appeared - Breplibot.C. This new variant fixes some bugs found in the previous Breplibot.B variant. It uses file '$sys$xp.exe' instead of '$sys$drv.exe' when copy to Windows System folder. [snip] http://www.f-secure.com/weblog/#00000701 - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg () netzero net or fergdawg () sbcglobal net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- F-Secure: One more Bot trying to hide under Sony DRM Fergie (Nov 10)