Re: Sony DRM Rootkit

From: thunderbird (
Date: 11/11/05

Date: 11 Nov 2005 02:03:54 -0800

nemo_outis wrote:
> Here's a shocker: rootkit installed by Sony!
> Sony, Rootkits and Digital Rights Management Gone Too Far
> rights.html
> Regards,

"The Register reports on the first trojan using Sony's DRM rootkit. A
discovered variant of the Breplibot trojan makes use of the way Sony's
rootkit masks files whose filenames begin with '$sys$'. This means that
files renamed this way by the trojan are effectively invisible to the
average user. The malware is distributed via an email supposedly from a
reputable business magazine requesting that the businessperson verify
his/her attached 'picture' to be used for an upcoming issue. Once the
payload is executed, the trojan then installs an IRC backdoor on
Windows systems."
