November 2005
First Trojan Using Sony DRM Detected
A new trojan which uses the cover provided by the Sony DRM component to hide has been detected by BitDefender Labs at 12.15 PM GMT today and is in the wild. This is the first ever observed instance of malware using the Sony DRM rootkit detected and analysed by Mark Russinovich.
The trojan apparently installs an IRC backdoor on the affected system and may have other functions.
"We have been aware for some time that malware can be written which may exploit the Sony DRM component's hiding capabilities for its own good. Therefore, BitDefender software has been upgraded to include heuristic detection for all software trying to use this technique. We can confirm that the trojan is in the wild and spreading at this time. This is a worrying confirmation of our concerns." declared Viorel Canja, Head of BitDefender Labs.
BitDefender users are protected against this new threat, since it is detected proactively and blocked. A signature update is also underway, to aid administrators in identifying the new threat.
A full technical analysis of the malware, and an update to this article are forthcoming and will be published on the BitDefender corporate website in the following hours.
***UPDATED (14.02 pm GMT)***
Analysts at the BitDefender Labs have completed a technical description of the threat and published a signature update. A removal tool for the trojan and a detection tool for the Sony DRM component are in preparation at the BitDefender Labs and will be made available to the general public in the following hours.
INFORMAÇÕES RELACIONADAS:
Technical analysis of the Backdoor.IRC.Snyd.a trojan by BitDefender Labs.
How to protect your computer from attacks exploiting the XCP DRM Software
Analysis of the Sony DRM by Mark Russinovitch
About Bitdefender®
A Bitdefender é a criadora de uma das mais rápidas e eficazes linhas de software de segurança para a internet. Desde 2001, a empresa tem sido pioneira na indústria, introduzindo e desenvolvendo tecnologias de proteção premiadas. Hoje, a tecnologia Bitdefender assegura a atividade digital de cerca de 400 milhões de usuários domésticos e corporativos por todo o globo.
Recentemente, a empresa recebeu uma série independente de recomendações essenciais nos EUA, Reino Unido e por toda a Europa, incluindo ConsumerSearch, Which?, Stiftung Warentest e Taenk. A tecnologia antivírus Bitdefender também terminou em primeiro lugar nos testes de líderes da indústria em ambos os teste da AV Test e AV-Comparatives. Mais informações sobre os produtos antivírus Bitdefender estão disponíveis na sala de imprensa das soluções de segurança da empresa. Além disso, a Bitdefender publica Malware Cityoferecendo as últimas atualizações sobre ameaças de segurança e ajuda os usuários a se manterem informados na luta cotidiana contra o malware.