New Sony 'Rootkit' Found On USB Flash Drive

F-Secure reported on their blog that they have discovered new rootkit-like software installed on systems using the Sony MicroVault USB flash drive fingerprint reading software. The USB drive uses fingerprint scanning as a biometric security measure to authenticate the user before allowing access to the data. Including some measure of security on the USB drive seems like a reasonable idea. However, using their Blacklight rootkit detection product, F-Secure uncovered hidden folders created by the software.

You may recall that in the not-too-distant past, Sony came under fire for including rootkit-like DRM (digital rights management) software on their music CD's. Users were angry that Sony installed software without their authorization, and it was discovered that the rootkit software exposed the computer to exploits and provided a potential mechanism for attackers to leverage to hide their malware.

Sony removed the offending software and issued an apology, but apparently hasn't given up entirely on the practice. F-Secure does provide a comparison of the two rootkits in which they explain why this USB flash drive rootkit is not as serious of a threat as the previous music CD DRM rootkit was. Nevertheless, the new rootkit software can still be exploited by attackers in much the same way as the previous rootkit could. It is also yet another example of Sony showing a lack of integrity and failing to fully disclose what exactly they are installing on their customers' computers.