Re: Sony DRM Rootkit

From: thunderbird (netsurf1_at_coolgoose.com)
Date: 11/11/05


Date: 11 Nov 2005 02:03:54 -0800


nemo_outis wrote:
> Here's a shocker: rootkit installed by Sony!
>
> Sony, Rootkits and Digital Rights Management Gone Too Far
> http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-
> rights.html
>
> Regards,

"The Register reports on the first trojan using Sony's DRM rootkit. A
newly
discovered variant of the Breplibot trojan makes use of the way Sony's
rootkit masks files whose filenames begin with '$sys$'. This means that
any
files renamed this way by the trojan are effectively invisible to the
average user. The malware is distributed via an email supposedly from a
reputable business magazing requesting that the businessperson verify
his/her attached 'picture' to be used for an upcoming issue. Once the
payload is executed, the trojan then installs an IRC backdoor on
affected
Windows systems."