[Dshield] Rootkits All Around: Universal Music Has It ,Too
tholleb at teknowledge.com
Wed Nov 2 20:58:07 GMT 2005
> No reports *yet*. The mere fact that it's a free cloaking
> device for any file with a name that starts with '$sys$' is
> going to attract the malware writers - and there's bound to
> be other goodies yet to be revealed.
Filenames aren't the only attractive part. Imagine the effects
of the registry key:
And the fact that anti-spyware tools won't be able to see that key.
More information about the list