The fallout from the Sony rootkit disaster
hasn't cleared yet, it seems. According to Dan Kaminsky, there are still many hundreds of thousands of computers to potentially millions of computers infected. That's not all that surprising – the large majority may have never even heard of this fiasco, and many who are infected may never know – that is, until they bring their machine into a shop for repair. By looking at logs in various DNS servers around the world, Kaminsky was able to determine that lookups to the XCP address, half of Sony's rootkit package, are still in full swing. Many government and military owned computers are also infected. What is particularly interesting, though, is that piracy helped spread the rootkit. People blindly making duplicates of CDs ended up also duplicating the rootkit software!
The data might also show how widespread piracy has become. The 52 music titles released with the XCP software were only released in North America, he said. However, the network apparently affected by the Sony BMG issue covered 135 countries. About 4.7 million discs were manufactured and about 2.1 million had sold, according to Sony statements. "The global scope is the big mystery here," he said. "It is fairly likely that a lot of the discs were pirated."
With more settlements coming and bad things continuing to happen, the plot is only thickening, and unfortunate for Sony, things are not letting up. It will be interesting to watch continued developments with this.