Virus Writers Take Advantage Of Sony's Rootkit

from the thanks! dept

As if things weren't bad enough with Sony's lovely rootkit DRM, what with it acting like spyware and everything, now virus writers are using it to cover up their work -- just as was earlier predicted. The Sony software conceals filenames that start with "$sys$", so a new variant of a trojan simply uses a similarly named file that becomes completely invisible on computers infected with the Sony rootkit. The Security Fix blog of The Washington Post points out a quote from Sony CEO Howard Stringer, made four years ago: "Right now it would be possible for us, and I've often thought it would cheer me up to do it, you could dispatch a virus to anybody whose files contain us or Columbia records and make them listen to four hours of Yanni ... but in the end we're going to have to get serious about encryption and digital-rights management and watermarking." In light of that, and other efforts, like trying to get lawmakers to give record labels the right to destroy the computers of people that file-share, Sony's rootkit isn't surprising at all. But even though people may not know exactly what a rootkit is, they're beginning to understand that Sony's CDs can do some nasty stuff. The company's original "trust us, it's okay" defense was worn thin, and consumers' distrust of Sony could have long-term effects on its business.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    jszpila, 10 Nov 2005 @ 9:02am

    No Subject Given

    and yet, i'm still going to be surprised when Sony claim record sales drop due to piracy instead of realising that it's their own dangerous DRM and its inherent security implications that are driving people away. i guess expecting corporations to take responsibility for their own actions is just asking a bit too much.

    link to this | view in thread ]

  2. identicon
    dj_krztoff, 10 Nov 2005 @ 9:17am

    Re: No Subject Given

    Why blame corporations when it's obviously the introweb and Myspace that's to blame.

    link to this | view in thread ]

  3. identicon
    Chris H., 10 Nov 2005 @ 9:25am

    MySpace has a big haaarrRRAAAGHHH!!

    MySpace is to blame for everything, number one being the Eagles poor performance this season.

    link to this | view in thread ]

  4. identicon
    Wolfger, 10 Nov 2005 @ 9:27am

    Re: No Subject Given

    Didn't you know? Accountability for one's own actions has been out of style for years...

    link to this | view in thread ]

  5. identicon
    p jackson, 10 Nov 2005 @ 9:43am

    Sony Rootkit

    I have noticed that there is an assumption by people that the rest of the world sees things as they do. For instance, Sony assumes that no one will care about the rootkit and doesn't know about them. Well, that may be vastly true for the over 45 crowd (I am 61) but I assure you that their primary and future customers both know and care about such stuff. It may not impact them today, but tomorrow is another story entirely.

    link to this | view in thread ]

  6. identicon
    Michael, 10 Nov 2005 @ 10:09am

    The Beginning of the End for DRM

    This case in California is just the beginning of what I think will be start of something bigger. The software used in Sony's rootkit DRM violates several state laws concerning intrusive software. Its certainly illegal in Great Britan where software that install itself without your permission and makes changes to your system witth permission is prohibited by law. Many antivirus software and antispyware makers are already classify Sony's DRM as a malicious virus and are rushing to develop ways to remove it. A few already have.
    This whole fiasco basically shows that the consumers will not take this sort of thing lying down. We will fight back, and fight hard. Mark my words, this is the beginning of the end for DRM.


    The appearance of this trogan horse virus is just adding fuel to a fire that's already burning out of control. If Sony was smart they'd drop that technology right now and campaign to make certain its never used again by anyone.

    link to this | view in thread ]

  7. identicon
    S Border, 10 Nov 2005 @ 11:10am

    What devices?

    Does anyone have a list of the devices? I have a DRU 710a DVD/CD burner. I'd hate to think that I'd have to send a nasty letter to those PC wreckin' jerks at Sony. I'm always having to reformat because my wife likes to download and go to places she probably shouldn't be going... and no not porn...or maybe she is!?!

    link to this | view in thread ]

  8. identicon
    ME, 10 Nov 2005 @ 11:15am

    DDOS Sony.com

    How long before someone writes a virus using sony's rootkit to DDOS sony.com?

    link to this | view in thread ]

  9. identicon
    S Border, 10 Nov 2005 @ 11:16am

    Re: What devices?

    What I mean by always having to reformat is; it is almost like something is running in the background all the time, even if I reformat. It runs good for a little while, but even with Norton, Ad-ware, and Spy-bot I seem to have issues with either my machine not wanting to shut down correctly, weird noises in the tower itself sounding like it is running too hard, even if I'm not running any apps on it. Do you think it could be my hardware devices? Specifically my DVD Burner??

    link to this | view in thread ]

  10. identicon
    S Border, 10 Nov 2005 @ 11:18am

    Re: MySpace has a big haaarrRRAAAGHHH!!

    Nah, the Eagles are having a hard time because their offense can't pull it together. The should just put up with TO for another couple of weeks and trade him in the off season.

    link to this | view in thread ]

  11. identicon
    Andy, 10 Nov 2005 @ 11:21am

    Re: The Beginning of the End for DRM

    I agree with Michael. The smart BUSINESS move for Sony would be to just flip, and start campaigning on the other side. Not easy to do, given it hurts their intellectual property rights (sort of). But it would be a huge PR bonus to them to counteract the huge PR nightmare they are working themselves into. Imagine what they could say "We were trying to protect our property, but made a mistake. Now we are listening to our customers, and taking heed of their wishes". That would buy them some customer loyalty back. I suppose they just figure that since they own the label (and therefore the artists) that if someone wants to listen to one of those artists, they have no choice but to buy Sony. Well, watch out Sony, customers are fickle. We don't like dirty pool. In fact, I'm wondering if I should go buy one of these protected CDs so that I can get in on the class action lawsuit that is bound to follow....

    link to this | view in thread ]

  12. identicon
    BlindSide, 10 Nov 2005 @ 11:23am

    No Subject Given

    Well Sony did make my life a little easier with this mishap. My decision over next-gen gaming systems is down to two options now.

    link to this | view in thread ]

  13. identicon
    Y Pennog Coch, 10 Nov 2005 @ 12:02pm

    OT: Re: What devices?

    >>Do you think it could be my hardware devices?
    >>Specifically my DVD Burner??

    Try disconnecting power and data cables from it, boot up, see if you've still got noise? Can't hurt to try.

    link to this | view in thread ]

  14. identicon
    Scott nagle, 10 Nov 2005 @ 12:39pm

    Get a Mac

    I have the answer. Buy a Mac!

    link to this | view in thread ]

  15. identicon
    Anonymous Coward, 10 Nov 2005 @ 5:20pm

    Re: Get a Mac

    "I have the answer. Buy a Mac!"

    What does a hamburger have to do with this article?

    link to this | view in thread ]

  16. identicon
    z0idberg, 11 Nov 2005 @ 2:29am

    Re: Get a Mac

    Bzzzttt! wrong answer.

    Sony has DRM that targets Macs too:

    http://www.macintouch.com/#tip.2005.11.10.sony

    granted it cant weasel its way onto the system as easily as it does on windows but still..

    link to this | view in thread ]

  17. identicon
    Newob, 11 Nov 2005 @ 5:19am

    An appeal to virus writers

    Virus writers! Here is your chance! Write a trojan virus that causes Sony's rootkit to download copyrighted songs through P2P applications! Then Sony can go sue themselves and die.

    link to this | view in thread ]

  18. identicon
    W.C, 17 Nov 2005 @ 11:29pm

    Re: An appeal to virus writers

    Aint that it....but also readers...they have thier virus's on thier DVD's too...thats how I got mine...Stealth movie to be exact....Beware.

    link to this | view in thread ]

  19. identicon
    don, 17 May 2008 @ 12:47pm

    wow

    I have seen this information and lots more at
    megaupload files

    link to this | view in thread ]

  20. identicon
    fred, 25 Jul 2008 @ 10:05am

    Megaupload downloading

    Usually I use the best file searcher- http://megaupload.name/

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.