Jump to content

Rootkit και σε DVD;

atsouch

By atsouch,
in Τα "πρωτοσέλιδα"

 Share

Recommended Posts

atsouch Senior IT Pro!

atsouch

Posted
Posted

Ανακαλύφθηκε άλλο ένα rootkit, αντίστοιχο με αυτό της Sony BMG, τώρα σε γερμανικό DVD από την F-Secure:

A popular movie DVD has been discovered using rootkit-like copy protection, Anti-virus com

 

pany F-Secure has revealed.

 

The German DVD of Hollywood blockbuster Mr and Mrs Smith, released on 24 January, contains

 

copy-protection software called Alpha-DVD, according to news organisation Heise, which fi

 

rst reported the issue. The disc will not play on Windows PCs unless the software is insta

 

lled. Alpha-DVD contains user-mode rootkit-like features that hide its own process, accord

 

ing to F-Secure.

 

 

The discovery comes not long after the controversy over similar features found in copy-pro

 

tection software on CDs distributed by Sony BMG. Rootkits are used by intruders to maintai

 

n persistent access to a system, while keeping malicious processes hidden.

 

 

Heise said another recent German DVD, "Edison", also contains Alpha-DVD, as does a Korea

 

n edition of "Oldboy".

 

 

What's more, like Sony BMG's copy-protection software, Alpha-DVD can be misused by third

 

-party software for malicious purposes, according to Heise. The organisation said it has d

 

eveloped a proof-of-concept application that could call on Alpha-DVD to hide itself from t

 

he OS. "It takes only a few lines of code to make use of Alpha-DVDs stealth functionality

 

," Heise said in a report.

 

 

Unlike the Sony BMG software, Alpha-DVD doesn't hide files or registry entries, according

 

to F-Secure. "This makes the feature a bit less dangerous, as anti-virus products will s

 

till be able to scan all files on the disk," said F-Secure vice president Antti Vihavaine

 

n in a blog post. "However, it's not that uncommon for real malware to only hide (its) p

 

rocesses."

 

 

The creator of Alpha-DVD, a South Korean LG spinoff called Settec, is providing removal so

 

ftware for those concerned about the impact of its copy protection system. By default Alph

 

a-DVD provides neither a Start Menu entry nor an entry in Windows' Add/Remove Programs fe

 

ature.

 

 

F-Secure said software makers should always avoid hiding anything from users, and particul

 

arly administrators. "It rarely serves the needs of the user, and in many cases it's ver

 

y easy to create a security vulnerability this way," wrote Vihavainen.

 

 

 

 

 

 

 

 

Source: http://www.techworld.com

Link to comment
Share on other sites
 Share
Go to topic listing
×
×
  • Create New...