New Sony Rootkit

Moosh

Well-known Member
It seems like Sony hasn't learnt any lessons from the BMG rootkit fiasco of 2005.

According to F-Prot (the anti-virus people), the Sony MicroVault USM-F microdrives install a hidden folder under the Windows directory that could be used for malicious purposes.

Will they never learn?

Cheers
Moosh
 

Steven

Senior Moderator
A lot of programs put entries into hidden places in the registry

As its not yet proven they are upto anything, I will give them the benefit of the doubt. Don't get me wrong, I myself have partaken in the sport of "Sony bashing" but y'know...
 

Reign-Mack

Active Member
whoaw F-Prot did not know that was still around! Think I use to use that back in the early or mid 90's through dos iirc
 

Moosh

Well-known Member
A lot of programs put entries into hidden places in the registry
I agree but F-Prot are talking about a hidden folder under Windows that could be used for malicious purposes.


F-Prot said:
The Sony MicroVault USM-F fingerprint reader software that comes with the USB stick installs a driver that is hiding a directory under "c:\windows\". So, when enumerating files and subdirectories in the Windows directory, the directory and files inside it are not visible through Windows API. If you know the name of the directory, it is e.g. possible to enter the hidden directory using Command Prompt and it is possible to create new hidden files. There are also ways to run files from this directory. Files in this directory are also hidden from some antivirus scanners (as with the Sony BMG DRM case) — depending on the techniques employed by the antivirus software. It is therefore technically possible for malware to use the hidden directory as a hiding place.
Cheers
Moosh
 

Moosh

Well-known Member

The latest video from AVForums

Podcast: Marantz SR7015 & NAD T 778 AVR + Mission LX2 MKII Speaker Reviews, AV & Film News and More
Top Bottom