Rootkit Redux: German DVDs Contain DRM-Based Malware
“Two German Video-DVDs use a new copy protection scheme which creates a security risk on Windows machines. The copy protection mechanism called Alpha-DVD was developed by Settec, a Korean company spun off from electronics giant LG.
“When the disc is inserted into a Windows PC, a window boldly announces that the disc can only be played after installing copy protection software. When the user clicks on “I agree”, Alpha-DVD installs three files to the system32 directory and loads into memory. The copy protection hides from the Task Manager by injecting a library into all running user level processes. There is no simple way for Windows users to know whether Alpha-DVD is installed on their machines.
“This library can easily be misused by third-party software for malignant purposes. heise Security has developed a proof-of-concept application which can call on Alpha-DVD to hide itself from the OS. It takes only a few lines of code to make use of Alpha-DVDs stealth functionality.”
Heise Online. DVD Copy Protection Creates Security Risk. Feb. 14, 2006.
Joris Evers. Homeland Security Official Suggests Outlawing Rootkits. News.com. Feb. 16, 2006.
Robert McMillan. Sony Rootkit Experience May Lead to Federal Oversight. IDG News Service. Feb. 16, 2006.
Ryan Naraine. ‘Mr. & Mrs. Smith’ DVD Ships With Rootkit-like DRM. eWeek. Feb. 14, 2006.
Settec. Entertainment Copy Protection: Alpha-DVD. No date.
CopyCense™: K. Matthew Dames on the intersection of business, law and technology. A business venture of Seso Digital LLC.