is "BKDR_HACDEF.M" found in c:\cygwin\bin\cygcrypt-0.dll for real?
geneSmith
gene.smith@sea.siemens.com
Mon Jan 10 19:37:00 GMT 2005
Christian Montanari wrote, On 1/10/2005 11:28 AM:
> Our local virus scan tool provided by *****
> reported a "trojan horse" called "BKDR_HACDEF.M" found in c:\cygwin\bin\cygcrypt-0.dll
>
> c.f.:
>
> http://www.******.com/vinfo/virusencyclo/default5.asp?VName=BKDR_HACDEF.M
>
> Could you tell me what is your point of view about this ? is it a fluke information ?
> does the code for cygcrypt-0.dll need to be checked against Easter-Eggs of this kind ?
>
> Regards,
>
> ========================================
> Christian Montanari,
> SHARP TELECOMMUNICATIONS OF EUROPE Ltd.,
> Azure House,
> Bagshot Road,
> Bracknell,
> Berks, RG12 7QY, UK.
> Tel: +44 (0) 1344 301883
> Fax: +44 (0) 1344 300293
> ========================================
>
>
Detected on 2 systems here by Trend Micro and it deleted the file.
According to a website describing the virus, it can use a possible
vulnerability in the file to implement the backdoor. Are there any know
vulnerabilities in cygcrypt-0.dll?
--
Lit up like Levy's
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
More information about the Cygwin
mailing list