Sony BMG is still having a bad week….



Unfortunately a LOT of people that have bought Sony-BMG cds (or borrowed, whatever…) are going to have some headaches too. By stock in Tylenol or Aleve or something…. anyway… here’s todays roundup of Sony Rootkit news. Including a virus borrowing the gift of SONY…

First up is some “backstory” that reminds us of Sony’s attitudes in the past on the issue of piracy and what should be done about it, along with the precient “I think most people don’t know what a rootkit is” satatement.


Apparently, more seriously is a virus that is taking advantage of the “cloaking technology” gift that SONY has left on PCs. Apparently, an email arrives claiming to be an image for a magazine article for review, if opened it installs itself to $sys$drv.exe Which would be cloaked by the rootkit (anything with $sys$ in the first part of the name would be hidden this way.) Sophos antivirus has the discovery… Apparently, f-secure announced that the virus is a bot which is designed to connect to an IRC server for MORE software loading and remote control. Fortunately, it’s written poorly and doesn’t work. But you can be assured that virus writers are feverishly working to fix it…. Such as …. what trendmicro has found, another variant of the same bug….

Sophos plans to release a tool to detect, disable and prevent reinstallation of Sony’s DRM. Now, SONY do you see what a big deal this is? Do you see why even if people don’t understand what a rootkit is in the general public, they should be concerned? I doubt if many people could describe what a network worm is, that doesn’t mean we like them…..

Spyware confidential has details including virus names Backdoor.IRC.Snyd.A Backdoor.Win32.Breplibot.b Troj/Stinx-E and W32/Brepibot, technical details available at bitdefender.com

   Send article as PDF   

Similar Posts