What it does: As originally discovered by security researcher Mark Russinovich of Winternals Software, certain music CDs published by Sony BMG Entertainment contain DRM protection requiring that the user must install a proprietary music player in order to play the songs. The player contains a rootkit (click here for a definition) as part of an effort to conceal the DRM and prevent its removal.
The DRM software and the rootkit were written by a First 4 Internet of the UK. The rootkit conceals all access to files and registry entries prefixed with the string '$sys$' in order to hide itself, but this behavior could allow other malicious programmers to hide their own programs by using the same file naming scheme. First 4 Internet and Sony deny that the system presents a security problem.
For full story: