Friday, November 11, 2005

Buy Sony BMG music. Get spyware and possibly identity stealing Trojan Horse

People who bought music CDs from Sony BMG Music Entertainment may have exposed themselves to a dangerous new computer worm.

Symantec Corp., the leading maker of antivirus software, said the worm has infected computers that played Sony BMG recordings. Two other antivirus firms, BitDefender Labs and Sophos PLC, also issued warnings yesterday.

The Sony BMG disks install software that is supposed to prevent the user from making illicit copies of the music and distributing them over the Internet. But the anticopying software conceals itself so that the computer user can't easily remove it.

Now someone has written a ''Trojan horse" program that exploits this feature of the Sony BMG software. The program, which is spread through spam e-mails, uses the Sony BMG code to hide itself. Then the Trojan horse uses the Internet to contact its creators for further instructions.

''By enabling an infected machine to be remotely controlled, this threat opens up the user's identity and computer for potentially malicious purposes," said Vincent Weafer, senior director of Symantec Security Response.

Attackers could, for example, order the Trojan horse to copy and transmit personal information. Or they could make the computer send spam messages to other Internet computers, or launch ''denial of service" attacks that could put major Internet services out of commission. Criminals have launched such attacks against businesses, demanding protection money.
Computer worm exploits software on Sony's CDs

11/12/05 Sony has announced that it is discontinuing the placement of the spyware on it's disks. Trust them if you dare.


Post a Comment

<< Home

Links to this post:

Create a Link