World of Warcraft hackers using Sony BMG rootkit

["Fergie" <fergdawg () netzero net>]

Via SecurityFocus.

[snip]

Want to cheat in your online game and not get caught? Just buy a Sony BMG copy protected CD.

World of Warcraft hackers have confirmed that the hiding capabilities of Sony BMG's content protection software can 
make tools made for cheating in the online world impossible to detect. The software--deemed a "rootkit" by many 
security experts--is shipped with tens of thousands of the record company's music titles.

Blizzard Entertainment, the maker of World of Warcraft, has created a controversial program that detects cheaters by 
scanning the processes that are running at the time the game is played. Called the Warden, the anti-cheating program 
cannot detect any files that are hidden with Sony BMG's content protection, which only requires that the hacker add the 
prefix "$sys$" to file names.

Despite making a patch available on Wednesday to consumers to amend its copy protection software's behavior, Sony BMG 
and First 4 Internet, the maker of the content protection technology, have both disputed claims that their system could 
harm the security of a Windows system. Yet, other software makers that rely on the integrity of the operating system 
are finding that hidden code makes security impossible.

[snip]

http://www.securityfocus.com/brief/34

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.