Sony CDs and rootkits

This was discovered by Mark Russinovich of Sysinternals, who wrote about it in one of his blog posts: he unexpectedly found a rootkit on his own computer while updating his RootkitRevealer software.

Generally, when you put one of those Sony CDs into your Windows-based PC and agree to their EULA, this piece of ‘rootkit’ software is installed on your computer. A rootkit changes the way the OS works in order to hide itself from your file system, meaning that you have almost no way of knowing that it exists. More information on rootkits is available at Wikipedia. Rootkits are normally used by virus writers, hackers, and so on for malicious purposes, to hide their ‘bad stuff’ from users. What a shock to find out that SONY uses this technology.

This rootkit is basically trying to prevent you from making excess copies of their CDs, but it gets even worse. It is badly written, and it is REALLY REALLY difficult to uninstall. It was so bad that the people responsible for writing it (First 4 Internet) had to write a patch to ‘uncloak’ it, and you have to email them to get an uninstaller. If you try deleting it yourself, chances are that your CD-ROM drive will ‘disappear’ from Windows.

I don’t know the details, but just thought I’d point it out. Please go to the links I posted for real details.

BBC report on SONY rootkits
Episode 12 of Security Now, on Sony’s rootkit, by Steve Gibson of Audio files and transcripts

Just search the web for “Sony rootkit” or similar to find more details. Be careful what you put into your drive, even if it’s from Sony. And if you have played Sony CDs on your computer, you’d better find out more.

Shocking, this is.

