32

I got 200 computer CD games here and I think checking them for viruses would be inappropriate. Also, when I bought software on CD I was always sure there is no virus.

I wonder if there ever was software or a game containing a virus on the optical disc? If this happened by accident or with intent, it doesn't matter.

To not include home-brew software, I am only asking for pressed discs and not burned discs. Also I am only asking for real viruses (backdoor trojan horses) and not, for example, less harmful ad-showing software.

TonyM
  • 3,704
  • 1
  • 19
  • 31
zomega
  • 5,362
  • 4
  • 25
  • 52
  • 1
    One could argue that various copy protection schemes amounted to malware. Perhaps not a virus per se since they did not propagate to other machines. – Jon Custer Jan 21 '23 at 15:21
  • 61
    Do Sony rootkits count? – Justme Jan 21 '23 at 15:23
  • 5
    @Justme The Sony rootkit only prevents you from copying the disc. It is not harmful or dangerous. So in my opinion no. Of course it is malware but as I said I am only looking for real viruses (backdoor trojan horses). – zomega Jan 21 '23 at 15:30
  • 30
    @zomega It's not a virus but I disagree on the not harmful or dangerous part. The Sony rootkit had secutity holes which were exploited by other viruses and malware, also made the system unstable. – Justme Jan 21 '23 at 15:51
  • 1
    @Justme Well then you can call Mozilla Firefox dangerous too because it has dangerous security holes sometimes... – zomega Jan 21 '23 at 16:00
  • 8
    @zomega The point was that the Sony rootkit was essentially the HIV/AIDS of malware. AIDS doesn't kill you, it's the suppression of your immune system and the secondary infections that do. – ssokolow Jan 21 '23 at 16:52
  • 56
    The Sony rootkit only prevents you from copying the disc. Not so - the Sony rookit covertly installed kernel-mode software into the I/O stack. Definitely malware with intent. And then they lied about having removed it. – dave Jan 21 '23 at 17:54
  • 30
    @another-dave: Not only that, but its "invisibility clock" made the system not only blind to it, but also to other forms of malware that would otherwise have been readily detected. – supercat Jan 21 '23 at 19:01
  • 2
    In the mid-90s, Walnut Creek CDROM made a business out of selling dumps of various shareware / freeware / open source software repositories on (pressed) CD-ROM. I recall they advertised that the files were virus scanned, but malware must have slipped through once in a while. – Nate Eldredge Jan 21 '23 at 23:11
  • yes there was ... for example I got some viruses also on Device driver pressed CD directly from manufactor provided with PC motherboard. The reason is usually that the virus was not vell known at the time ... I detect it only years latter once antiviruses where updated with those abreviations... the MB is long dead since then – Spektre Jan 22 '23 at 08:02
  • 2
    @NateEldredge, many PC-related magazines included a CD-ROMs with various software and I think that it, in many cases, was probably not checked for viruses at all. – jiwopene Jan 22 '23 at 20:27
  • 2
    I don't remember which issue it was, but I got a virus from https://en.wikipedia.org/wiki/Joystick_(magazine), a magazine about video-games, with a CD full of trial versions. They acknowledged it, but only sent new CDs without virus, and didn't want to pay for any computer repair or data loss. – Eric Duminil Jan 23 '23 at 07:26
  • @NateEldredge citation needed for walnut creek allegations. OpenBSD would not allow distribution on risky channels – mcalex Jan 24 '23 at 00:57
  • @mcalex: It was speculation. But if it did happen, I don't see how it would reflect badly on Walnut Creek - the CDROM is sold as a dump of a particular ftp site which accepts uploads of all kinds. If a file on that site contained a virus, and it happened to be one that wasn't detected by scanners, that would hardly be Walnut Creek's fault. Likewise, if OpenBSD didn't have any viruses or malware in their source code, they could be pretty confident that Walnut Creek wouldn't add any. – Nate Eldredge Jan 24 '23 at 01:53
  • Do pirated software collections on cd-rom count in the terms of the question? Including cracks and keygenes? – Wheelmagister Jan 24 '23 at 16:02
  • @Wheelmagister Only real viruses. For example a virus which allows unnoticed remote access to the PC. Or a virus with the intention to make the PC unusable or delete personal files. (Clean) cracks and keygens do exactly what the user wants. So those are not viruses. – zomega Jan 24 '23 at 17:43

3 Answers3

46

Yes, for 'software'. The first hit on a search for 'cd-ro shipped with virus' (typo mine) got me this:

MS Solution Provider CD

Microsoft (MSFT) has shipped CD-ROMs infected with a little-known virus to nearly 10,000 software developers and trainers worldwide since September. The software giant said its Solution Provider CD, a disc provided to consultants who customize Microsoft software for business customers, has been infected with a new and little-known virus named Wazzu, which attaches itself to Microsoft Word documents. -- CNET, Oct. 23, 1996

Wayne Conrad
  • 2,706
  • 17
  • 25
dave
  • 35,301
  • 3
  • 80
  • 160
40

Yes, it happened quite a few times.

Software added as covermount to computer magazines may sometimes not be secure. A fast-spreading medium, computer magazines can output over 10,000 discs in a matter of days. In the days before internet connections were commonplace, one of the fastest methods by which a computer virus could spread was to be included inadvertently on a coverdisc. Although discs are thoroughly scanned and carefully assembled, there have been cases of discs being distributed with viruses, damaging the credibility and reputation of the magazine. In several instances where viruses were spread this way, publications expressed that while the contents of the media were scanned by anti-virus software, the virus wasn't detected as the virus was too new. In 1998, cover discs released by both PC PowerPlay and PC Gamer were infected with the Marburg virus, which CNN Money stated caused the malware to become a "widespread threat". A MacAddict cover disc in 2002 contained the AutoStart worm.

https://en.wikipedia.org/wiki/Covermount

Those covermount CD-ROMs were all pressed, burning them would not have been feasible in those numbers of copies.

g.kertesz
  • 501
  • 3
  • 3
2

Sega Dreamcast game "Atelier Marie" was a video game served as GD-ROM. It contained, however some extras as a screensaver which were meant to be read by a PC.

The developers weren't careful and got their development systems infected. The virus eventually got itself into the final build files and was set to be triggered by the screen saving program.

While the malicious code was harmless to the Dreamcast (having incompatible architecture from its targets) when being read and triggered by a PC it would wreck the system by erasing the BIOS, CMOS data and overwrite the HDDs.

Borg Drone
  • 703
  • 4
  • 16