Update: There's now been another two successful attacks against Sony, for those keeping score these should be nr. 5 and 6. More user account info stolen this time.
It's the security nightmare that just won't end, and right now there's got to be plenty of Sony executives beginning to wish someone would pinch them already. After taking quite a PR and financial beating over the PSN breach, now the Greek site of Sony BMG has been hacked and the account info of thousands of users has been posted online.
The hackers just won't give poor Sony a break, will they? Following the infamous PSN breach last month and an attack on the company's Greek online music service earlier this week, Sony Ericsson has now seen another intrusion that extracted personal data of more than 2,000 Canadian Eshop customers.
Original post: After the URL exploit the other day there have now been another two breaches in Sony security. Note that these hacks are completely unrelated to the PSN debacle. The timing is pretty funny though, Sony just can't catch a break.
Sony has been hacked, and one of its servers used to host a phishing site, according to Finnish company F-Secure.
The hack, which is not connected to Sony's problems with its PlayStation Network, has placed a phishing webpage on the Sony Thailand site, F-Secure chief research officer Mikko Hypponen told ZDNet UK on Friday.
"The phishers are looking for credit card details and logins,"
Another unit of Sony Corp. has come under attack from hackers — this time a mobile Internet service provider in Japan called So-net Entertainment Corp.
So-net says that someone gained improper access to user accounts and successfully used so-called "So-net points" to obtain goods worth about $1,225.
The intruder used points from 128 accounts and illicitly checked the e-mails of 90 users.
This is just insane must really be hurting Sony from a business stand point. Seems like you can't take any action against the internet these days without someone like Anonymous fucking up your day. Welcome to a new age?
On May 21 2011 23:52 OTIX wrote: Sony just can't catch a break.
I wouldn't call it either of those. This is what happens when you piss off computer junkies with a lot of time and incentive, and the computer acumen to use both of those properly. Sony put a target on their backs and they're reaping the benefits.
Man, It's what'll happen to a large company that tries to sue one of the most beloved hackers out there (GeoHot). He's in the habit of jailbreaking all manner of proprietary devices, and Sony are after him for jailbreaking the PS3. Personally, I'm of the opinion that he bought the damn PS3 and he should be allowed to do whatever he wants with it. Attack a respected member of the hacking community, and a lot of the more activist hackers will retaliate at the perceived injustice.
As much as I feel sorry for Sony, it means their security system is very undeveloped. One of my friends who owns a PS3 said he's never buying a PS4 if it ever comes out. I'm trying to convince him to buy a new computer to play SC2 =P
On May 22 2011 01:06 SigmaoctanusIV wrote: This is just insane must really be hurting Sony from a business stand point. Seems like you can't take any action against the internet these days without someone like Anonymous fucking up your day. Welcome to a new age?
Anonymous didn't do it. 4chan is pissed that PSN has been down, /v/ especially. Assuming Anonymous=4chan of course.
No matter how much anyone disklikes Sony, these sort of attacks are not really justifiable--I'm saying this after listening to RMS's speech for free software (and encouraging the demise of corporations like Sony)
lol...Why are people neglecting the owners of the emails hacked??? Yeah Sony will get bad publicity but what about the poors guys who got their money stolen from them??? :/
Sad to see this happen but Sony did need a wake up call. Sony is big enough and resilient enough to not back down from all of this. They will learn from their mistakes and come out of it much stronger. Sort of like Ford.
im curious how and who is doing it cause this sort of hacking seems much moar advanced than the denial of service kind of stuff that run of the mill hackers are capable of
On May 22 2011 00:18 Qzy wrote: It's due to Sony filing lawsuit againt some hacker.
Geohot has nothing to do with those attacks on sony. Sony just has poor security and after one attack succeeded others figured out that sony was a soft target. Like how a whale carcass brings creates a feeding frenzy of sharks.
On May 22 2011 00:05 BlackJack wrote: Why are they so vulnerable to being hacked? Are they incompetent or are the hackers just unstoppable?
In general hackers are unstoppable, but the way sony set up psn made it really easy to hack, and hackers like money and being dicks, so it all works out(for the hackers).
On May 22 2011 00:55 Nizaris wrote: Good to see the hacking community is still alive and kicking, I would seriously lol if this is all GeoHot fucking with Sony.
So fucking over Sony customers and stealing their money and personal data is somehow "helping the cause" and "fighting the good fight"?
On May 22 2011 17:02 rickybobby wrote: im curious how and who is doing it cause this sort of hacking seems much moar advanced than the denial of service kind of stuff that run of the mill hackers are capable of
It doesn't necessarily take a genius to hack a server, only tenacity. Basically you just have to find bugs/exploits in whatever software/setup they are using. If the security is bad then there will be unpatched exploits that are already publicly known, and anyone with half a brain will be able to hack in.
But an actual skilled programmer... well, if they are tenacious, then they can do amazing things.
How many times do you guys think Sony will get hacked is it really that hard to stop hackers, I cant think of another company that suffers from these problems.
On May 22 2011 20:55 Eviltoast wrote: I am so glad I dont have a PS3.
How many times do you guys think Sony will get hacked is it really that hard to stop hackers, I cant think of another company that suffers from these problems.
The same could happen to almost every other company. Companies still lag wayyyy behind in the tech safety department, even tech companies.
I agree with the other in here who are saying that it was just a matter of opportunity. It's as if: "Hey, the Mongols were able to get through that pesky Wall those Chinese built, why don't we try it?"
Sony: "hey, your data has been stolen. someone is about to sell it for the highest bidder. its just 70 million accounts with credit cards on it. but hey, when we return you get the "welcome back kit"... free games ( old games ) and 1 month of free playstation plus"...
As shitty as this is for the ones who got affected, I think it's good that Sony gets hacked in the long run. Should be a wake up call for pretty much all companies that have lacking security measures, if Sony can get hacked so can fucking anyone.
Pretty interesting stuff, it's funny how the internet randomly chooses to retaliate against perceived injustices. As for the questions about hacking, there are skilled programmers on both sides of cyber security. Sony wasn't prepared to become a target, so until they get some talented IT specialists working on their network security they will continue to be vulnerable. I'm sure they'll stabilize, but it's a lesson to other companies that if they intend to invest in prosecuting cyber-vigilantes then they should also be prepared to invest in their security to compensate for a possible backlash.
The hackers are chaining Fungal Growths, and Sony just doesn't have Ghosts or Siege Tanks to deal with it . They need to get their security together :/. They're getting hit pretty hard.
Update: There's now been another two successful attacks against Sony, for those keeping score these should be nr. 5 and 6. More user account info stolen this time.
It's the security nightmare that just won't end, and right now there's got to be plenty of Sony executives beginning to wish someone would pinch them already. After taking quite a PR and financial beating over the PSN breach, now the Greek site of Sony BMG has been hacked and the account info of thousands of users has been posted online.
The hackers just won't give poor Sony a break, will they? Following the infamous PSN breach last month and an attack on the company's Greek online music service earlier this week, Sony Ericsson has now seen another intrusion that extracted personal data of more than 2,000 Canadian Eshop customers.
On May 22 2011 00:05 BlackJack wrote: Why are they so vulnerable to being hacked? Are they incompetent or are the hackers just unstoppable?
Security costs time and money. Many organizations simply cut corners in keeping their security up to date (or having it tested for vulnerabilities). Often, to fix these vulnerabilities you'd need to take a service down for some kind of update, but in order to minimize downtime, businesses have taken to doing bulk updates, which leaves you exposed for extended periods.
just read that after sony, sqaure enix and eidos, codemasters is the next in line... i'm not gonna open a new thread for that since it seems to become normal that every now and then a company gets hacked these days
Codemasters The Latest Hack Victim
Passing along some unsettling news today, Codemasters has confirmed that their website was hacked this past Friday (June 3rd). Word is the hackers gained access to their corporate website and sub-domains, the DiRT 3 VIP code redemption page, the Codemasters EStore and their CodeM database. They state that customer names, addresses, emails, telephone numbers, encrypted passwords, order history, screen names, birthdays, IP addresses, Xbox Live gamertags and some other personal info may have been stolen during this breach. On the bright side, they say that no personal payment information was compromised, since they use an external payment provider for their EStore. Hit the full story to learn more
The thing with hacking is after a hacker gets in a system and sees how it works+the vulnerabilities, it's a lot easier to get back in again and again
So it's not that Sony has shitty security... it's just that the hackers know every single one of the holes in the security [every site has holes in security]
On June 12 2011 02:44 xaeiu wrote: just read that after sony, sqaure enix and eidos, codemasters is the next in line... i'm not gonna open a new thread for that since it seems to become normal that every now and then a company gets hacked these days
I also got an email from EPIC that they have been hacked and my password has been reset, nothing major when compared to Sony being hacked, but still I'm amazed this is still happening. Quote from epic below.
Our Epic Games web sites and forums were recently hacked. After some downtime, they're back up and running now.
The hackers may have obtained the email addresses and encrypted passwords of forum users. Plaintext passwords weren't revealed, but it's possible that those passwords could be obtained by a brute-force attack on the encrypted passwords. Therefore, we have reset all passwords. Your new password at the bottom of this message.
The Unreal Developer Network (UDN) hasn't been compromised. Thankfully, none of our web sites ask for, or store, credit card information or other financial data.
We're sorry for the inconvenience, and appreciate everyone's patience as we wrestle our servers back under control.
On May 21 2011 23:56 striderxxx wrote: Again??? This is why everyone should just migrate to playing SC2!
well most important is that they abaondon shitty consoles :D
This has to do with more then just consoles, many parts of sony besides playstation have been hacked. I think this is more based upon what happend with the playstation though (them removing other OS and g-hotz situation)
Man those hackers need to get out and get some sun and stop acting like children. I honestly don't see the point in what they're doing. It's not like they'll get their agenda through if they hack playstation, they're just coming off as immature mini terrorists.
On June 12 2011 03:03 frogmelter wrote: The thing with hacking is after a hacker gets in a system and sees how it works+the vulnerabilities, it's a lot easier to get back in again and again
So it's not that Sony has shitty security... it's just that the hackers know every single one of the holes in the security [every site has holes in security]
No they have shitty security. Any company storing information in plain text without hashing and salting it has a major problem. They just never hardened up
I doubt this was done just for fun. The information stored on PSN servers (users' non-encrypted RL names and addresses, credit card numbers, etc.) can be very useful to people who know what to do with it.
The hackers seem unusually persistent for an independent group though. It makes me wonder if someone bigger is behind these attacks... Perhaps a market competitor? So many fun theories.
EPT
.
