[Pc_Support] Sony DRM exploit explained, VNUnet,
or WHY I do NOT buy SONY cd's...
Linux User patrick
pberry2 at cfl.rr.com
Thu Nov 10 11:55:17 EST 2005
Virus writers exploit Sony DRM
Sony doomsday scenario becomes reality
Iain Thomson and Tom Sanders, vnunet.com <http://www.vnunet.com/> 10 Nov
2005
Virus writers have already started to exploit Sony
<http://www.sony.com/>'s controversial digital rights management
software, which uses a rootkit <http://www.vnunet.com/2145413> to hide
the code and ensure that the CDs are not copied.
A new Trojan, Troj/Stinx-E
<http://www.sophos.com/virusinfo/analyses/trojstinxe.html>, has been
mass-mailed to UK email addresses. The worm is a variant of what McAfee
referred to as the Brepibot
<http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=133091>
virus that was first discovered on April this year. BitDefender calls
the new worm Backdoor IRC Snyd A
<http://www.bitdefender.com/VIRUS-1000058-en--Backdoor.IRC.Snyd.A.html>
and F-Secure Breplibot.B
<http://www.f-secure.com/v-descs/breplibot_b.shtml>.
The new version has been altered to exploit a feature in the XCP digital
rights management technology for Windows systems that comes bundled with
several audio CDs from the Sony BMG record label. The software will
automatically install the first time a user tries to play an infected
audio CD on his computer's CD Rom drive.
In addition to digital rights manament technology, CD also installs a
so-called root kit that hides files from the user and the system,
including anti-virus software. Security experts have argued that it is
extremely poorly engineered and that worm authors can exploit it by
simply placing the characters "$sys$" in front of a file name.
The new variant of the Stinx trojan tries to do exactly that.
"Sony started off with the right intentions but did not recognise the
implications of what it was doing," said Graham Cluley, senior
technology consultant at Sophos <http://www.sophos.com/>.
"We've had companies calling up all day asking what to do with this. We
feel sorry for the musicians; if you look on Amazon
<http://www.amazon.com/> right now reviewers are telling people not to
buy the album, not because of the music but because of the copy protection.
See the Full Story:
http://www.vnunet.com/vnunet/news/2145874/virus-writers-exploit-sony-drm
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.matrixlist.com/pipermail/pc_support/attachments/20051110/454d4773/attachment.html
More information about the Pc_support
mailing list