 | By Ryan Russell The Sony Corporation seems bound and determined to install copy-protection software, including rootkits, no matter how many different products it has to use. Read on to find out about Sony software that you may have paid for, but you don’t really want. |
Who infected my PC with a rootkit?
I recently taped a podcast for internal distribution at my workplace with Amrit Williams, a former Gartner analyst and the current CTO at BigFix. (He and I work together.) One of the questions he asked me was, “Are rootkits a common threat or are they something exotic you rarely see?” I replied that my opinion was they’re uncommon, because attackers don’t seem to have to bother. Too many PC users still fall for the easy stuff.
There have been a couple of minor examples of malware in the wild that included a rootkit, but nothing significant. So has all my worrying about rootkits been pointless? Unfortunately, no. At least one group is still out to infect you. They call themselves Sony.
Do you remember my Nov. 22 and Dec. 15, 2005, columns about the rootkits on Sony BMG audio CDs? The company is at it again. F-Secure tells us that a rootkit is installed when you use Sony’s MicroVault USM-F software for its fingerprint-reading flash drives. This does appear to me to be a rootkit, albeit a relatively benign one. If you don’t like the term “infected,” substitute the word “affected.”
Have you been ‘affected’ by Sony?
F-Secure used a product called BlackLight to detect the Sony USB drive software. (You can download a free trial that will work until Oct. 1, F-Secure says.)
I myself found out that I had some extra Sony software I didn’t want by using Microsoft’s RootkitRevealer. (This product was originally from SysInternals before MS acquired the company.)
Related posts:
