Security specialists are warning that Sony’s MicroVault USB, which is a biometric USB storage device, cloaks driver software in a Windows directory that could be used by malware to avoid detection from security applications.
The manner of installing and hiding software on users’ PCs is reminiscent of Sony BMG’s attempt two years ago to protect music copyright by installing rootkit software.
The fingerprint recognition software packaged with Sony’s Microvault USB installs itself as hidden files on the users system under the “c:\windows\” directory.
F-Secure security expert, Mika Tolvanen, reported that it is possible to enter the hidden directory using a Command Prompt and from there create and run new hidden files.
Full story: ZDNet Australia
