This just in from the Security Now podcast: Sony/BMG is selling copy protected CDs that install a rootkit – a hidden backdoor program – on any computer used to play them!
The hijacking software was discovered by Mark Russinovich at Sysinternals.com when he was working on an update of their Rootkit Revealer software.
The malicious programs infiltrate the Windows kernel and allow remote access to your computer without your knowledge. Sony/BMG put the software on the CD to force users to play it on a computer with a special player included on the CD, and it prevents more than three copies from being made.
Not only does it install a rootkit trojan, it’s a sloppily written one that degrades your computer’s performance.
Russinovich got the trojan from a CD – Van Zandt-Get Right With the Man – purchased on Amazon.com. Presumably, many other Sony/BMG CDs are being released with this malicious DRM software.
Folks, this is not a bug. This is not an accident. This is just an unconscionable, rotten, malicious act by an unscrupulous company. It ought to be cause for lawsuits.
What is worse, the program, written for Sony/BMG by First 4 Internet, is difficult to remove and can leave your CD drive, or worse, the whole computer, not functioning. The article writer, a computer security expert, was able to remove it with some difficulty. His step-by-step procedure is in his blog.
If you’re outraged by this, as you should be, don’t buy Sony/BMG CDs. Not even for your CD player.
Update: More on this in a quoted email from Dr. Jerry Pournelle here.