PlayStation Website Reportedly Hacked
Hackers have reportedly infiltrated Sony's U.S. PlayStation [http://www.us.playstation.com] website in an attempt to gain credit card information from unsuspecting users.
God of War [http://www.sophos.com/] pages on the PlayStation site that display false messages telling users their computers have been infected with spyware and viruses, and offering them a link to download "Antispyware" software.
Sophos said the intent is to scare users into buying "bogus" security software, but added, "It would be trivial for the hackers who compromised the webpages to alter the payload so that it became more malicious, and installed code designed to turn Windows PCs into a botnet or to harvest confidential information from users."
"There are millions of video game lovers around the world, many of whom will visit Sony's PlayStation website regularly to find out more about the latest console games. Most would never expect that surfing to a website like this could potentially infect them with malware," said Graham Cluley of Sophos. "If users do not have sufficient protection in place then they might find that before they know it they have been scared into handing their credit card details over to a bunch of cybercriminals. It is essential that all websites, especially when they are high profile like this or receiving a large level of traffic, have been properly hardened to prevent hackers from injecting malicious code on to what should be legitimate webpages."
Sony has not yet responded to a request by Sophos website [http://www.mcvuk.com/news/31043/Hackers-infiltrate-official-PlayStation-site].
Permalink
Hackers have reportedly infiltrated Sony's U.S. PlayStation [http://www.us.playstation.com] website in an attempt to gain credit card information from unsuspecting users.
God of War [http://www.sophos.com/] pages on the PlayStation site that display false messages telling users their computers have been infected with spyware and viruses, and offering them a link to download "Antispyware" software.
Sophos said the intent is to scare users into buying "bogus" security software, but added, "It would be trivial for the hackers who compromised the webpages to alter the payload so that it became more malicious, and installed code designed to turn Windows PCs into a botnet or to harvest confidential information from users."
"There are millions of video game lovers around the world, many of whom will visit Sony's PlayStation website regularly to find out more about the latest console games. Most would never expect that surfing to a website like this could potentially infect them with malware," said Graham Cluley of Sophos. "If users do not have sufficient protection in place then they might find that before they know it they have been scared into handing their credit card details over to a bunch of cybercriminals. It is essential that all websites, especially when they are high profile like this or receiving a large level of traffic, have been properly hardened to prevent hackers from injecting malicious code on to what should be legitimate webpages."
Sony has not yet responded to a request by Sophos website [http://www.mcvuk.com/news/31043/Hackers-infiltrate-official-PlayStation-site].
Permalink