Trojan using Sony DRM to hide

Antivirus vendor BitDefender reports they have detected the first trojan using Sony DRM to hide.

Antivirus vendor BitDefender reports they have detected the first trojan using Sony DRM to hide.  The trojan named Backdoor.IRC.Snyd.A by Bit Defender, also dubbed Backdoor.Win32.Breplibot.b (Kaspersky) Troj/Stinx-E (Sophos) W32/Brepibot virus (McAfee) is essentially impossible for a normal user to detect when hidden by Sony DRM software.  From the Bit Defender report:

The trojan apparently installs an IRC backdoor on the affected system and may have other functions.

"We have been aware for some time that malware can be written which may exploit the Sony DRM component's hiding capabilities for its own good. Therefore, BitDefender software has been upgraded to include heuristic detection for all software trying to use this technique. We can confirm that the trojan is in the wild and spreading at this time. This is a worrying confirmation of our concerns." declared Viorel Canja, Head of BitDefender Labs.

BitDefender users are protected against this new threat, since it is detected proactively and blocked. A signature update is also underway, to aid administrators in identifying the new threat.

The technical analysis can be read here.  A detection and removal tool will be available from BitDefender within a few hours.

Update: F-Secure is also reporting this trojan, saying "I told you so".  Link via Ed Bott.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All