Second Variant of Sony DRM Trojan Detected and Prevented by BitDefender

BitDefender™, an award-winning provider of antivirus software and data security solutions, announced today that its HiVE technology enabled the detection of a second variation of the Sony DRM backdoor Trojan, named Backdoor.IRC.Synd.B. This new variation of the highly publicized Trojan was proactively detected and blocked by the HiVE virtual environment included in all BitDefender products.

Similar to the first Trojan found earlier today but written with a new digital signature to get past anti-virus defenses, this new version also uses the cover provided by the Sony DRM component to hide itself. Changes found by BitDefender in this new variant include fixes of the bugs from the first version, a change of the file name to “$sys$xp.exe”, change of the IRC channel name, as well as some additional minor technical changes.

“BitDefender's HiVE technology enabled us to detect the second variant of the virus without any need for additional signatures,” commented Viorel Canja, head of BitDefender Labs. “While this new strain is also in the wild, BitDefender will continue to monitor for any additional variations of the Sony DRM Trojan. BitDefender is committed to being one step ahead of virus writers, so that our customers can feel confident that they are always protected.”