Florida Leads Nation in Sony Rootkit Victims
Security researcher Dan Kaminsky released new information at the Shmoocon 2006 hacker conference on Friday showing the U.S. states with the most computer networks hosting machines that remain infected by flawed anti-piracy software automatically installed by some music CDs produced by Sony BMG.
According to Kaminsky's research -- which relied on methods Security Fix detailed in a previous blog post on this topic -- Florida leads the nation with 12,588 networks hosting computers that show signs of having the software installed on them. Kaminsky found some 9,719 networks with infected hosts in California, 7,962 in Massachusetts, and 6,310 in New Jersey. Virginia was ninth on the list with 3,362 infected networks. Maryland has at least 527, and the District of Columbia came in last with just 99 affected networks. You can view the entire list by downloading this file:
It is important to note that Kaminsky's numbers probably mask the true extent of the problem because each network could hosts just a single computer with the Sony software installed -- or thousands.
This research could provide some interesting fodder for the ongoing lawsuits against Sony for exposing customers to security risks through its anti-piracy software (not to mention suits that have yet to be filed). The Texas attorney general is currently going after Sony for allegedly violating the state's new anti-spyware law, and several other attorneys general have indicated they also are considering action.
On a completely unrelated note, I owe at least six hours of shuteye Friday night to Kaminsky -- after a night of partying with Dan and other hackers, the guy let me crash on the couch in his room so I didn't have to drive home. Thanks, Dan.
Posted by: GTexas | January 16, 2006 4:14 PM | Report abuse
The comments to this entry are closed.