How to use Sony cloaking 1) Write standard virus/trojan 2) Trick poor person to run on computer (easy right?) 3) Name it with $sys$ 4) It is now cloaked by the Sony DRM.
Isn't too hard...you will see more and more, it won't be long before spyware is using it to hide as well. Is it good? No, any virus or spyware can have it's own rootkit hooks if they wanted. But if they use Sony, they can claim they weren't not trying to hide..."some other software" was hiding them. Botnet admins like smaller coded bot...no need to add any code...just a file renamed...man even a folder rename for that matter Thanks Sony... > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf > Of Michael Holstein > Sent: Friday, November 11, 2005 8:23 AM > To: Fergie > Cc: full-disclosure@lists.grok.org.uk > Subject: Re: [Full-disclosure] the "Sony/BMG" virus > > > Insofar as [just] yesterday's RootkitGate media blitz, let's review: > > Those lawsuit links refer to the class-action suit related to > the rootkit + DRM install itself. > > I'm more interested in it's use to cloak a virus, and the > potential legal liability that might create for the authors. > > 15 seconds on Google can provide a variety of rootkits .. I > suspect this is one of the first developed by a big-name > company (versus the customization you can get from some > hacker groups for a little donation). > > ~Mike. > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
