Copy protection software creates virus havoc

News Analysis

Copy protection software creates virus havoc

Sony is to stop making CDs that use specialist copy protection software after a hacker hid a virus in the software with the potential to cause havoc on users’ PCs.


The virus was found in Sony’s Extended Copy Protection program, used to protect its music from illegal copying.

The hacker mass-mailed a message with an attachment that installs malware when clicked. The malware was hidden inside Sony’s BMG software, which would have already been installed on a computer when consumers played one of Sony’s copy-protected music CDs.

The Stinx-E Trojan virus, emailed using the subject line ‘Photo approval’, installs malware when initiated, which tears down the computer’s firewall, giving hackers access to the machine.

Sony has now provided software to remove the cloaking element that enables the virus to hide inside a computer, but the software does not disable the copy protection itself. Sophos has also offered a tool to disable the copy protection software

In a bizarre spin-off from the incident, a class-action lawsuit was filed by users in California , claiming Sony had not informed consumers that it installs software directly into the root of their computer systems with ‘rootkit’ software. Such software cloaks all associated files and is dangerous to remove.

Despite the fuss, one thing remains clear. If users don’t click on an attachment from an unknown email, the malware can’t be installed. The advice is repeated over and over again, but too many still don’t get it.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy