Sony music cds might install spyware on your system
A few minutes ago I read a news article written by Brian Krebs who described how some Sony Music CDs try to install a software on Windows PCs that can be labeled as spyware or even worse than that.
It seems that we have reached a new level in the fight between record companies and its consumers. If you put a music CD in question into your drive an installer will popup. If you agree to install the software you won't find a uninstall feature anywhere on your PC and end up with software on it that may be harmful to it.
Apparently all Music CDs labeled "Content enhanced & protected" have the installer on the CD, make sure you check this before you buy a CD, especially if you want to listen to music on your PC.
According to Krebs "The CDs in question make use of a technique employed by software programs known in security circles as "rootkits," a set of tools attackers can use to maintain control over a computer system once they have broken in."
It takes PC expertise to remove this software once it is installed on a computer system. Security companies like FSecure are aware of the rootkit-like behavior and have created virus definitions for it. Here is the summary that they are making available:
Extended Copy Protection (XCP) is a CD/DVD copy protection technology created by First 4 Internet Ltd. XCP has been used to protect some audio CDs released by Sony BMG Music Entertainment. The XCP protected disks contain digital rights management (DRM) software that allow the user to make a limited number of copies of the disk and also rip the music into a digital format to be used on a computer or portable music player.
Once installed, the DRM software will hide:
- Registry keys and values
No means of uninstalling the DRM software is given. The software supports Windows 98SE, Windows ME, Windows 2000 SP4 and Windows XP.
This analysis was conducted on Windows XP. The music CD that contained the DRM software was Van Zant: Get Right with the Man (Sony BMG Music Entertainment). F-secure also posted a guide on how to remove the software once installed on your system.Advertisement