November 2005
First Trojan Using Sony DRM Detected
A new trojan which uses the cover provided by the Sony DRM component to hide has been detected by BitDefender Labs at 12.15 PM GMT today and is in the wild. This is the first ever observed instance of malware using the Sony DRM rootkit detected and analysed by Mark Russinovich.
The trojan apparently installs an IRC backdoor on the affected system and may have other functions.
"We have been aware for some time that malware can be written which may exploit the Sony DRM component's hiding capabilities for its own good. Therefore, BitDefender software has been upgraded to include heuristic detection for all software trying to use this technique. We can confirm that the trojan is in the wild and spreading at this time. This is a worrying confirmation of our concerns." declared Viorel Canja, Head of BitDefender Labs.
BitDefender users are protected against this new threat, since it is detected proactively and blocked. A signature update is also underway, to aid administrators in identifying the new threat.
A full technical analysis of the malware, and an update to this article are forthcoming and will be published on the BitDefender corporate website in the following hours.
***UPDATED (14.02 pm GMT)***
Analysts at the BitDefender Labs have completed a technical description of the threat and published a signature update. A removal tool for the trojan and a detection tool for the Sony DRM component are in preparation at the BitDefender Labs and will be made available to the general public in the following hours.
RELATED INFO:
Technical analysis of the Backdoor.IRC.Snyd.a trojan by BitDefender Labs.
How to protect your computer from attacks exploiting the XCP DRM Software
Analysis of the Sony DRM by Mark Russinovitch
About Bitdefender®
Bitdefender is the creator of one of the world's fastest and most effective lines of internationally certified internet security software. The company is an industry pioneer, introducing and developing award-winning protection since 2001. Today, Bitdefender technology secures the digital experience of around 400 million home and corporate users across the globe.
Recently, Bitdefender won a series of important awards and accolades in the global security industry, including "Product of the Year" by AV-Comparatives, "Best Repair 2012" by AV-Test, "Editor's Choice" and "The Best Antivirus for 2013" by PC Mag, that confirmed the antivirus software’s leadership status among security products.
More information about Bitdefender's products is available from the company's security press room. Additionally, Bitdefender publishes the HOTforSecurity blog, where readers can find stories from the underworld of internet fraud, scams, malicious software - and gossip.