• E-mail
• Print
• Comment
• Font Size
• Digg
• del.icio.us
• Discuss article

Viruses Exploit Sony CD Copy-Protection

Posted on: Friday, 11 November 2005, 00:00 CST

By MATTHEW FORDAHL

SAN JOSE, Calif. - A controversial copy-protection program that automatically installs when some Sony BMG audio CDs are played on personal computers is now being exploited by malicious software that takes advantage of the antipiracy technology's ability to hide files.

The Trojan horse programs - three have so far been identified by antivirus companies - are named so as to trigger the cloaking feature of Sony's XCP2 antipiracy technology. By piggybacking on that function, the malicious programs can enter undetected, security experts said Thursday.

"This could be the advanced guard," said Graham Cluley, senior technology consultant at the security firm Sophos. "We wouldn't be surprised at all if we saw more malware that exploits what Sony has introduced."

The copy protection program is included on about 20 popular music titles, including releases by Van Zant and The Bad Plus, and disclosure of its existence has raised the ire of many in the computing community, who consider it to constitute spyware.

Sony BMG Music Entertainment and the company that developed the software, First 4 Internet, have claimed that the technology poses no security threat. Still, Sony posted a patch last week that uncloaks files hidden by the software.

On Thursday, Sony released a statement "deeply regretting any disruption that this may have caused." It also said it was working with Symantec and other firms to ensure any content-protection technology "continues to be safe."

Neither Sony spokesman John McKay nor First 4 Internet CEO Mathew Gilliat-Smith returned messages seeking additional comment.

Windows expert Mark Russinovich discovered the hidden copy-protection technology on Oct. 31 and posted his findings on his Web log. He noted that the license agreement that pops up said a small program would be installed, but it did not specify it would be hidden.

Manual attempts to remove the software can disable the PC's CD drive. Sony offers an uninstallation program, but consumers must request it by filling out two forms on the Internet.

"What they did was not intentionally malicious," Cluley said. "If anything, it was slightly inept."

The copy-protection software, which Sony says is a necessary "speed bump" to limit how many times a CD is copied, only works on Windows-based PCs. Users of Macintosh and Linux computers are not restricted.

The viruses also only target Windows-based machines.

The infection opens up a backdoor, which could be used to steal personal information, launch attacks on other computers and send spam, antivirus companies said.

Sony also is facing legal headaches. On Nov. 1, Alexander Guevara filed suit in Los Angeles County Superior Court seeking class action staus. He claims Sony's actions constituted fraud, false advertising, trespass and violated state and federal laws barring malware and computer tampering.

His attorney, Alan Himmelfarb, did not immediately return calls seeking comment.

The Electronic Frontier Foundation, an online civil liberty group, said it is hearing from people who have run into problems with the copy protection software. It is considering filing its own lawsuit, said EFF staff attorney Jason Schultz.

"You can't uninstall it, you can't find it, and it's vastly more invasive in terms of privacy and personal property than any other (digital rights management) program to date," he said.

Source: Associated Press/AP Online

More News in this Category