atsouch Posted February 18, 2006 Report Share Posted February 18, 2006 Ανακαλύφθηκε άλλο ένα rootkit, αντίστοιχο με αυτό της Sony BMG, τώρα σε γερμανικό DVD από την F-Secure: A popular movie DVD has been discovered using rootkit-like copy protection, Anti-virus com pany F-Secure has revealed. The German DVD of Hollywood blockbuster Mr and Mrs Smith, released on 24 January, contains copy-protection software called Alpha-DVD, according to news organisation Heise, which fi rst reported the issue. The disc will not play on Windows PCs unless the software is insta lled. Alpha-DVD contains user-mode rootkit-like features that hide its own process, accord ing to F-Secure. The discovery comes not long after the controversy over similar features found in copy-pro tection software on CDs distributed by Sony BMG. Rootkits are used by intruders to maintai n persistent access to a system, while keeping malicious processes hidden. Heise said another recent German DVD, "Edison", also contains Alpha-DVD, as does a Korea n edition of "Oldboy". What's more, like Sony BMG's copy-protection software, Alpha-DVD can be misused by third -party software for malicious purposes, according to Heise. The organisation said it has d eveloped a proof-of-concept application that could call on Alpha-DVD to hide itself from t he OS. "It takes only a few lines of code to make use of Alpha-DVDs stealth functionality ," Heise said in a report. Unlike the Sony BMG software, Alpha-DVD doesn't hide files or registry entries, according to F-Secure. "This makes the feature a bit less dangerous, as anti-virus products will s till be able to scan all files on the disk," said F-Secure vice president Antti Vihavaine n in a blog post. "However, it's not that uncommon for real malware to only hide (its) p rocesses." The creator of Alpha-DVD, a South Korean LG spinoff called Settec, is providing removal so ftware for those concerned about the impact of its copy protection system. By default Alph a-DVD provides neither a Start Menu entry nor an entry in Windows' Add/Remove Programs fe ature. F-Secure said software makers should always avoid hiding anything from users, and particul arly administrators. "It rarely serves the needs of the user, and in many cases it's ver y easy to create a security vulnerability this way," wrote Vihavainen. Source: http://www.techworld.com Link to comment Share on other sites More sharing options...
Recommended Posts