The Inquirer-Home

Sony installs another Rootkit

Some people never learn
Tue Aug 28 2007, 08:37
SECURITY OUTFIT F-Secure said its rootkit detection software has found Sony up to its old tricks.

Sony, which got into huge trouble installing its BMG XCP DRM rootkit in CDs 2005, has installed a root kit into its USB stick software driver.

The USB stick in question, Sony MicroVault USM-F, has a built-in fingerprint reader. F-Secure's BlackLight rootkit detector was reporting hidden files on the system.

The USB software creates "rootkit-like behaviour" which is similar to the Sony BMG case. The Sony MicroVault USM-F fingerprint reader software installs a driver that is hiding a directory under "c:windows"". These are invisible through the Windows API.

Files in this directory are also hidden from some antivirus scanners. It is therefore technically possible for malware to use the hidden directory as a hiding place.

To be fair to Sony, F-secure said that the MicroVault software hides this folder to somehow protect the fingerprint authentication from tampering and bypass. MO< "However, we feel that rootkit-like cloaking techniques are not the right way to go here," F-Secure said, here. µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ Poll

Dead electronic devices to be banned on US-bound flights

Will the new rules banning uncharged devices be effective?