First Sony virus found; lawsuit filed

AMSTERDAM - A computer security firm said on Thursday it had discovered the first virus that uses music publisher Sony BMG's controversial CD copy-protection software to hide on PCs and wreak havoc.

Under a subject line containing the words "Photo approval", a hacker has mass-mailed the so-called Stinx-E trojan virus to British email addresses, said British anti-virus firm Sophos. When recipients click on an attachment, they install malware, which may tear down the firewall and gives hackers access to a PC. The malware hides by using Sony software that is also hidden -- the software would have been installed on a computer when consumers played Sony's copy-protected music CDs.

"This leaves Sony in a real tangle. It was already getting bad press about its copy-protection software, and this new hack exploit will make it even worse," said Sophos's Graham Cluley.


http://www.msnbc.msn.com/id/9991596/


Thanks a LOT, Sony! What is their problem with content protection? Everything they do with it seems to backfire and end up costing them lots of $ in the long run. There's this, proprietary file types in their mp3 players, etc. You'd all better fix your sh*t or I'm going XBox 360 next time around.

I'm not a superTekkie, so I hope I'm not jumping to conclusions.

But if this virus attaches itself to the root directory, and it's "invisible" to the usual security programs, and if this technique's picked up by other malware writers... then we're fucked, aren't we?

Time to get an Apple...

In the world of computer tech, no wiser words have ever been spoken.

No matter what your preferances, an OS that crashes less and has less than 100 known viruses is still the safest way to go.

Let's face it - the business world uses PCs. I know, I'm a former CIO - I'm not drinking koolaid, just reporting reality. When Apple is as cost effective, open, and has as many applications available ... then people might switch.

and as for software, there is nothing I cannot do being a mac guy in a fully PC network.

this used to be the standard, but it is certainly not ringing true since osx jaguar.

And as soon as we all have Apples, guess what OS is going to have all the virii written for it?

hey laz!! :hi:

long time, no see. :hi:

Why not just get an Atari 400?

No viruses there either.

Lack of popularity and support is not a good reason to choose a computing platform.

Mac OS X has no known viruses, no malware, no spyware.

The biggest danger to Mac OS X users is utter arrogance, because someday somehow there might be created a virus that actually can do some damage.

The less than 100 or so you're referring to only affects old macs, pre 2001 with Mac OS 9. Even then you would be almost 100 % protected as the viruses themselves are even older (from late 80's to mid 90's)

Seriously: I have several Mac friends who are fed up with the guy-in-the-insanely-great-turtleneck talking about iPods that can do what PSP do much better -- they are looking at moving over to PC with AMD processors (at least one Mac geek already has) for music production. They are very frustrated over the lack of news from Apple concerning the future of power processing machines.

Tut-tut

going to be the first Intel system utilizing the dual core chips from Intel.

Name one virus for OS X.

It's not completely undetectable it's just that current virus scanners don't know how to look for it. Future versions most probably will.

Frankly, the Sony DRM software should be treated as hostile software by the virus scanners as it is, but that probably wouldn't have happened if this new virus (that exploits the holes created by the Sony software) hadn't been released. In fact, I wouldn't be surprised if this virus was written with the express purpose of forcing the actions of the anti-virus companies.

Maybe this new Sony inspired virus was written to get the attention of anti virus programmers and companies. It still means that folks dependent on Microsoft operating systems (like me) will have to buy updated security programs for this updated threat.

It will never end, will it? ;(

"Sophos said it would have a tool to disable the copy protection software available later on Thursday."

http://www.msnbc.msn.com/id/9991596

The original content protection was heinous enough without third party Trojan's using it to disguise themselves.

http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html

http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html

http://www.sysinternals.com/blog/2005/11/sony-you-dont-reeeeaaaally-want-to_09.html


With that in mind, here's a list of affected CDs to avoid.

http://www.eff.org/deeplinks/archives/004144.php


"You'd all better fix your sh*t or I'm going XBox 360 next time around."

I'm looking at the Nintendo Revolution

I think you're right about the virus being written to call Sony on the carpet. I'm on the fence about Sony these days - products are better but they still do stupid things and this content protection thing is an attack on the consumer.

Re: Nintendo Revolution - funny you mention. I have PS2 and the Gamecube. The graphics on the cube are better than the Sony and about the same as the current XBox (which I've refused to buy because Msoft is a tyrant and XBox is just a PC anyway). I bought the cube for all the Resident Evil games they started writing for it, and it's a fantastic little machine.

I hope the Revolution pulls Nintendo out of 3rd place or at least keeps it viable enough that software companies continue writing software for it - sounds good so far, when reading about developer reactions to the new controller. I consider Nintendo the real innovator, Sony the master marketer and Msoft the big gorilla who just wants to destroy everyone else.

on unsuspecting users. Kudos to Mark Russinovich, I use many of his tools. On a positive note, it seems someone has filed a case against Sony BMG for spreading malware :)

IIRC, they were talking about suing Sony at one point for mislabeling their copy-protected audio CDs as 'Audio CD format' (with the little 'CD' logo), when they are not. They do not conform to the specification, and will not play on many standardized devices (such as my Mac).

That was a few years ago, so I doubt the suit ever went anywhere, but I wish they would take it up again. When Sony first came out with those things (the copy protected CDs), inserting them in an older Mac would screw the CD-ROM drive up (would cause it to race and possibly burn out, IIRC).

This is a rootkit -- meaning that the only way to detect it is to run a virus scanner before you load from your hard drive. Virus scanners have not come up with a way to detect them -- and they have been in the wild for a long time. There is some software that will detect this, but it requires a reboot.

This rootkit makes any file ony your system beginning with $sys$ invisible to your OS. This means AV programs can't detect any of those files at all.

This exploit has already been used by certain gamers to create exploits in online gaming. Now, we have the first virus.

Mac's are not immune. The software Sony distributes istalls two .kerd files which modify your kernel, although its less likely to cause problems. In addition, because of the way the Mac security model works, you will have to enter your root password to allow them to install -- failing to do so will result in no music.

Sony will be (and should be) raked over the coals for this. A quote from the Sony/BMG Global President on NPR went something like "why should people care if they don't know about it?"

http://www.pcsupportadvisor.com/rootkits.htm

Well worth the read.

Sony's Music company has been using unmarked copy protection spyware for at least a year, because I remember reading in Macworld magazine how some people had their Mac roken and needed repairs when they simply wanted to listen to some cds...and here's something else, Sony is going to use the PS3's Blu-ray drives with the same type of software--when you buy a PS3 gam or Blu ray DVD movie, it will NOT be playbale on another without Sony's permission. AND the spyware is hidden inside your computer files :argh:

This is too much, I feel like commplaining about this shit! It's violating everyone's personal rights to enjoy their legally purchased media, and has great potential o wreck so may unkowing peopl'es personal computers everywhere....