Thursday, November 10, 2005

First 'Sony' Trojan backdoor (which exploits Sony's rootkit DRM) found...

And like I've told you, it's always a matter of days or hours... Virus writers have begun taking advantage of Sony-BMG's use of rootkit technology in the DRM software bundled with its music CDs. Sony-BMG's rootkit DRM technology masks files whose filenames start with "$sys$". A newly discovered variant of the Breplibot Trojan takes advantage of this to drop the file "$sys$drv.exe" in the Windows system directory. This malware also has some design flaws, so it doesn't really work well. That could, of course, be the reason why this variant is not found in the wild. Let's hope this will be the first and the last, but I doubt it. Unfortunately, other malware exploiting this will appear.
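
A defensive check built on the "$sys$" prefix described above, as an added example that is not part of the original post: it compares a file listing taken on the running system with one taken from the same volume mounted offline, where a name-hiding filter is not active, and reports entries that are missing from the live view or carry the prefix. The sample listings, the function names, the case-insensitive match and the extension list are constructed assumptions.

```python
import ntpath

CLOAK_PREFIX = "$sys$"  # prefix named in the post
# Assumption: extensions treated as executable content worth escalating first.
EXECUTABLE_EXT = {".exe", ".dll", ".sys", ".scr", ".com"}

def is_cloaked_name(path):
    """True if the file name (last path component) starts with the prefix."""
    name = ntpath.basename(path.rstrip("\\/"))
    # Assumption: match case-insensitively so no spelling variant is missed.
    return name.lower().startswith(CLOAK_PREFIX)

def cross_view(live_listing, offline_listing):
    """Report offline entries that are absent from the live view or prefixed."""
    live = {p.lower() for p in live_listing}
    findings = []
    for path in sorted(offline_listing, key=str.lower):
        hidden = path.lower() not in live
        cloaked = is_cloaked_name(path)
        if not (hidden or cloaked):
            continue
        findings.append({
            "path": path,
            "hidden_from_live_view": hidden,
            "cloak_prefix": cloaked,
            "executable": ntpath.splitext(path)[1].lower() in EXECUTABLE_EXT,
        })
    return findings

# Constructed sample listings (not taken from a real machine).
OFFLINE = [
    r"C:\WINDOWS\system32\kernel32.dll",
    r"C:\WINDOWS\system32\$sys$drv.exe",
    r"C:\WINDOWS\system32\$SYS$notes.txt",
    r"C:\WINDOWS\system32\notepad.exe",
]
LIVE = [
    r"C:\WINDOWS\system32\kernel32.dll",
    r"C:\WINDOWS\system32\notepad.exe",
]

if __name__ == "__main__":
    for f in cross_view(LIVE, OFFLINE):
        kind = "EXECUTABLE" if f["executable"] else "file"
        view = "hidden" if f["hidden_from_live_view"] else "visible"
        print(f'{kind:10} {view:8} {f["path"]}')
```

An entry that is both hidden from the live view and executable is the combination the post describes; a prefixed file that is still visible live is reported too, since the name alone is worth a look.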