
Are UK firms in danger?
By Dan Ilett
Published: 10 November 2005 15:50 GMT
Antivirus firms are reporting that masses of emails containing a Trojan that exploits Sony's digital rights management (DRM) program are circulating on the internet.
The Trojan, dubbed Stinx, has been mass-mailed to UK email addresses but is able to hide itself if a computer has Sony's controversial anti-piracy rootkit program installed, which is embedded on some CDs.
Graham Cluley, senior technology consultant for security firm Sophos, said: "By installing Sony's software it opens a vulnerability that hackers can exploit and in this case they have. From that point of view it is a bad thing regardless of the fact that it stops people stealing music."
Cluley said the spam seemed to be targeting UK businesses.
However, a spokesman from Sony said that European CDs have no copy protection software on them. He said: "I don't know how it would get onto UK computers. The only way it could happen is if you buy something from America. We are talking about a couple of copies in hundreds of thousands."
Earlier this month, security researcher Mark Russinovich told the BBC that Sony CDs are installing rootkits on PCs to stop people from copying music illegally. Rootkits are tools commonly used by hackers to embed malicious code into a computer.
Sophos is advising its customers to be cautious whether they have the Sony program installed or not, as Cluley said many people would not know if it's on their systems.
Once loose on a computer, the Trojan copies itself to a file called "$sys$drv.exe". Any file with a "$sys$" name cloaks itself using Sony's copy-protection code, thus making the malicious file invisible.
Or any other language as long as the output does not have further dependencies on the target platform to run the automation program (windows without ...
Administrative tools are installed to allow support to be provided locally or from a remote location. These services include providing support of the ...
Administrative tools are installed to allow support to be provided locally or from a remote location. These services include providing support of the ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Tim Ferguson Exclusive: Former MySQL boss Marten Mickos talks open source Why Microsoft could become one of the "biggest friends of open source" and why Oracle getting its hands on MySQL could be "one of the biggest open source coups ever"...
Naked CIO Naked CIO: Cloud computing more expensive than we thought? Smart IT leaders will examine the impact of how they pay for tech