Rootkit Redux: German DVDs Contain DRM-Based Malware

“Two German Video-DVDs use a new copy protection scheme which creates a security risk on Windows machines. The copy protection mechanism called Alpha-DVD was developed by Settec, a Korean company spun off from electronics giant LG.

“When the disc is inserted into a Windows PC, a window boldly announces that the disc can only be played after installing copy protection software. When the user clicks on “I agree”, Alpha-DVD installs three files to the system32 directory and loads into memory. The copy protection hides from the Task Manager by injecting a library into all running user level processes. There is no simple way for Windows users to know whether Alpha-DVD is installed on their machines.

“This library can easily be misused by third-party software for malignant purposes. heise Security has developed a proof-of-concept application which can call on Alpha-DVD to hide itself from the OS. It takes only a few lines of code to make use of Alpha-DVDs stealth functionality.”

Heise Online. DVD Copy Protection Creates Security Risk. Feb. 14, 2006.

See also:

Joris Evers. Homeland Security Official Suggests Outlawing Rootkits. Feb. 16, 2006.

Robert McMillan. Sony Rootkit Experience May Lead to Federal Oversight. IDG News Service. Feb. 16, 2006.

Ryan Naraine. ‘Mr. & Mrs. Smith’ DVD Ships With Rootkit-like DRM. eWeek. Feb. 14, 2006.

Settec. Entertainment Copy Protection: Alpha-DVD. No date.

CopyCense™: K. Matthew Dames on the intersection of business, law and technology. A business venture of Seso Digital LLC.

Written by sesomedia

02/21/2006 at 08:55

Posted in Uncategorized

%d bloggers like this: