New Sony Rootkit


Prominent Member
Sep 12, 2004
Reaction score
It seems like Sony hasn't learnt any lessons from the BMG rootkit fiasco of 2005.

According to F-Prot (the anti-virus people), the Sony MicroVault USM-F microdrives install a hidden folder under the Windows directory that could be used for malicious purposes.

Will they never learn?

A lot of programs put entries into hidden places in the registry

As its not yet proven they are upto anything, I will give them the benefit of the doubt. Don't get me wrong, I myself have partaken in the sport of "Sony bashing" but y'know...
whoaw F-Prot did not know that was still around! Think I use to use that back in the early or mid 90's through dos iirc
Theres always going to be problems when software and hardware is mixed.
A lot of programs put entries into hidden places in the registry

I agree but F-Prot are talking about a hidden folder under Windows that could be used for malicious purposes.

F-Prot said:
The Sony MicroVault USM-F fingerprint reader software that comes with the USB stick installs a driver that is hiding a directory under "c:\windows\". So, when enumerating files and subdirectories in the Windows directory, the directory and files inside it are not visible through Windows API. If you know the name of the directory, it is e.g. possible to enter the hidden directory using Command Prompt and it is possible to create new hidden files. There are also ways to run files from this directory. Files in this directory are also hidden from some antivirus scanners (as with the Sony BMG DRM case) — depending on the techniques employed by the antivirus software. It is therefore technically possible for malware to use the hidden directory as a hiding place.


The latest video from AVForums

StormAudio ISR Fusion 20 AV Receiver - review coming soon #HomeCinema #Amplifier #VideoShort
Subscribe to our YouTube channel
Top Bottom