Nice fucking job, Sony

Viruses use Sony anti-piracy CDs
Natasha Bedingfield
Virus writers are exploiting Sony's controversial anti-piracy software to hide their malicious creations.

In late October Sony was found to be using stealth techniques to hide software that stopped some of its CDs being illegally copied.

Now three virus variants have been found that use the Sony software to evade detection by anti-virus programs.

Sony has apologised, saying it is working with computer security firms to address the problems.

Viral trio

The stealthy methods that Sony BMG used to protect its anti-piracy system were uncovered by Windows programming expert Mark Russinovich on 31 October.

He discovered that the Sony XCP copy protection system is a so-called "root-kit" that hides itself deep inside the Windows operating system.

XCP uses these techniques to install a proprietary media player that allows PC users to play music on the 20 CDs Sony BMG is protecting with this system. The CDs affected are only being sold in the US.

Soon after Mr Russinovich exposed how XCP worked security experts speculated that it would be easy to hijack the anti-piracy system to hide viruses.

Now anti-virus companies have discovered three malicious programs that use XCP's stealthy capabilities if they find it installed on a compromised PC.

"The development we feared most from Sony's inclusion of rootkit technology to conceal its DRM software was its use to conceal malicious code," said David Emm from security firm Kaspersky Labs.

"Unfortunately, it seems our fears were well-grounded."

...