Sony rootkit backdoor program

10 Nov 2005

minute read

Authors

Yury Mashevsky

The first backdoor which utilizes the ‘Sony rootkit‘ was detected today. We’ve classified this malicious program as Backdoor.Win32.Breplibot.b.

We’re analyzing the progam at the moment and will have more information soon. Watch this space.

Authors

Yury Mashevsky

Sony rootkit backdoor program

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Posts

Latest Webinars

Reports

Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.

Kaspersky GReAT experts analyze the Evasive Panda APT’s infection chain, including shellcode encrypted with DPAPI and RC5, as well as the MgBot implant.

Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.

Kaspersky’s GReAT experts have uncovered a new wave of cyberattacks by the ForumTroll APT group, targeting Russian political scientists and delivering the Tuoni framework to their devices.

Sony rootkit backdoor program

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

The antivirus weather forecast: cloudy

Crimeware: A new round of confrontation begins…

Malware Miscellany, September 2009

Malware Miscellany, December 2008

Malware Miscellany, November 2008

Deep analysis of the flaw in BetterBank reward logic

Post-exploitation framework now also delivered via npm

Massive npm infection: the Shai-Hulud worm and patient zero

The SOC files: Rumble in the jungle or APT41’s new target in Africa

XZ backdoor: Hook analysis

Latest Posts

Assessing SIEM effectiveness

From cheats to exploits: Webrat spreading via GitHub

Cloud Atlas activity in the first half of 2025: what changed

Yet another DCOM object for lateral movement

Latest Webinars

AI agents vs. prompt injections

The quantum threat: Preparing for next-generation cyber risks

Fortify your mobile protection: Building customer trust with advanced security

Unmasking email dangers: Detecting and defending against mail threats

Reports

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Evasive Panda APT poisons DNS requests to deliver MgBot

Cloud Atlas activity in the first half of 2025: what changed

Operation ForumTroll continues: Russian political scientists targeted using plagiarism reports

Subscribe to our weekly e-mails