HELSINKI, Finland, Aug. 29 (UPI) -- A line of Sony Electronics Inc. USB flash drives installs files in a hidden folder that hackers can get into, a Finnish security company said.
The fingerprint-reader software included with the Sony MicroVault USM-F line installs a driver that is concealed in a hidden directory under "c:windows," Helsinki's F-Secure Corp. said.
And while the directory, and files within it, are not generally visible, a knowing hacker can enter the hidden directory and create dangerous new hidden files, F-Secure researcher Mika Tolvanen said in a posting to the company's blog.
The directory goes unseen by some antivirus scanners, Tolvanen said.
"Sony doesn't do any of its own development in this area; it looks like a Chinese company did it," Chief Research Officer Mikko Hypponen told PCWorld magazine.
Sony Electronics, of San Diego -- the largest unit of Sony Corporation of America, the U.S. subsidiary of Japan's Sony Corp. -- had no immediate comment.
The company was involved in a 2005 copy-protection scandal dealing with Sony BMG Music Entertainment Inc.'s surreptitious distribution of similar software on audio compact discs.
The software, which was automatically installed on desktop computers when customers tried to play CDs, opened security holes that let viruses break in.
The U.S. Federal Trade Commission settled with Sony earlier this year after Sony paid nearly $6 million to settle cases with U.S. states.
