Foster City (CA) – Sony is the face of a new malware threat that deals with fingerprint-authenticating USB drives.
According to a report from F-Secure, Sony’s MicroVault USM-F fingerprint reading software comes with an infected USB stick. The software reportedly installs a hidden file on the user’s computer and is invisible from certain antivirus scanners.
It’s a mirror case of Sony’s huge debacle with Sony BMG Music CDs that prompted users to install malware when the CD was played back on a PC.
Unlike the Sony BMG case, however, it is believed that Sony did not have malintent with the MicroVault software. F-Secure says the rootkit placement is likely just a way to make the software more secure.
The security news site also noted that Sony’s MicroVault software available from Sony.net also contains the same problem.
According to F-Secure, the affected MicroVault software is an older product and has been essentially phased out.