Trojans found exploiting Sony DRM application

By

Researchers have discovered the first trojan to take advantage of Sony's controversial copy protection software.

The Stinx-E trojan appears to have been deliberately spammed out to email addresses, posing as a message from a British business magazine. When run it copies itself to a file called $sys$drv.exe. Any file with $sys$ in its name is automatically cloaked by Sony's copy-protection code, making it invisible on computers which have used CDs carrying Sony's copy protection application.


As reported in SC Magazine, security companies have begun to classify the DRM code as spyware.

"Despite its good intentions in stopping music piracy, Sony's DRM copy protection has opened up a vulnerability that hackers and virus writers are now exploiting," said Graham Cluley, senior technology consultant for Sophos.

"We wouldn't be surprised if more malware authors try and take advantage of this security hole, and consumers and businesses alike should protect themselves at the earliest opportunity."

Cluley advised companies to adopt an email gateway policy to protect against new email threats before antivirus updates are available.

www.sophos.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Palo Alto Networks in talks to buy CyberArk

Palo Alto Networks in talks to buy CyberArk

Gov to encourage vuln research, puts insurers and NFPs on notice

Gov to encourage vuln research, puts insurers and NFPs on notice

Allianz Life says majority of US customers' data stolen in hack

Allianz Life says majority of US customers' data stolen in hack

NT gov agency targeted in alleged $3.5m BEC scam

NT gov agency targeted in alleged $3.5m BEC scam

Log In

  |  Forgot your password?