Sony Website Hacked By the "Lulz Boat"

RA92

New member
Jan 1, 2011
3,079
0
0
Akalabeth said:
Anyone who gives these people money might as well set a match to it instead.
Hey, MS could make some donations, and it would be money well spent for them...

I mean, they've been deliberately sabotaging the PC with GFWL, I can easily picture them gleefully jumping into this.
 

Iznat

New member
Feb 13, 2010
403
0
0
This is getting stupider than ever.

I see no reason for this. I mean, damn it, be content with hate mail or something, quit fucking around with shit I want to use, ie, my things from Sony D:
 

sunburst

Media Snob
Mar 19, 2010
666
0
0
Jonny49 said:
Can these people display Sony's terrible security without stealing everyone's shit?
Tell everyone on the internet that you've found Sony's security to be lacking and you will hear the sound of exactly zero shits being given.
But steal and display the personal information of one million people and suddenly it's a big deal. So in answer to your question, no they can't.
 

Dumori

Dumori(masoddaa)
May 28, 2010
91
0
0
spasicle said:
Storing user passwords in plaintext is beyond inept. Even the most basic forum software hashes passwords, Sony really is asking to be hacked. And a SQL injection? Ridiculous.
Exactly sounds like time or bandwidth was all the stopped them from looting more data with that security. Gezee I could brake that in my sleep or at least easy. I know forums with 12 uses more secure. Even if it was a complex injection it's still an amazing flaw.

Info on SQLIA http://en.wikipedia.org/wiki/SQL_injection

Before people yell hacker at me I do identify me self as one. How ever the media has really corrupted what it means. These guys are crackers and at the very best gray hated ones. My knowledge on these topics comes from yes naive playing around in my younger years. I used to crack sites mostly for the fun and challenge never touched never took down or sabotaged. My more up to date knowledge is from friends that are more active on both sides of the fence as well as my continual interest in cryptology and cyber security.
 

coldfrog

Can you feel around inside?
Dec 22, 2008
1,320
0
0
Jonny49 said:
Can these people display Sony's terrible security without stealing everyone's shit?
Agreed. If they were really well-intentioned, they wouldn't release the information - they'd send it back to Sony and tell them what they did wrong. Maybe even offer a solution. But I think most of these people don't care about who they're attacking, they're doing it because they can and use the "exposing weakness" excuse as a cover-all to try to keep people on their side. They're not on the side of the customers, they're just against the big corporations, and any collateral damage is incidental in their crusade.
 

Laze

New member
Apr 17, 2009
21
0
0
I'd like to point out amidst all the "WHY WOULD YOU HACK A LEGITIMATE CORPORATION" outcries:

There are very well-loved white-hats who do similar (albeit not quite as malicious) things in order to attract necessary attention to security flaws before they get discovered by the real criminals. Look up Dan Kaminsky for the Ur-example of this.

They go about it in more professional ways, generally, giving the businesses affected a reasonable length of time after the exploit before making the vulnerability public, so that a fix can be implemented or at least started. But they still break in.

There was an especially reminiscent incident posted on Slashdot a while back about a guy who sat in an Internet cafe and got access to Facebook accounts of people in the cafe, logged in as them, and sent them messages basically saying "You have been hacked. Stop sending private data over unsecured connections on public wireless."

I seem to remember Kaminsky stealing Youtube traffic and rerouting it to a fake site or some other publicity stunt like that with his DNS hijacking/spoofing attack.

So yes, the Lulz Boat is almost certainly doing it "for the lulz". That doesn't mean that there wasn't another motive. I'd argue that bringing attention to the vulnerability before, say, someone with a botnet for e-mail spam or identity theft found it, is very much worth the lulz. Assuming that this group doesn't act like typical Anonymous idiots by making the personal information public, that is.
 

Snow Fire

Fluffy Neko Kemono
Jan 19, 2009
180
0
21
I'm glad the hackers had good intentions, this much information could have been sold, but posting the information they took to the public record makes it all worthless now, any related parties will know which accounts were affected. If they would have sold it, how long would it have taken Sony to notice. Someone could have made quite the mess. That aside, Sony is getting a taste of their own medicine, again, for not adequately protecting their users private information. Not looking good for Sony these days.
 

Vigilantis

New member
Jan 14, 2010
613
0
0
I dont understand, I mean even if they had some top of the line security anti-haxxor crap and it took the hackers years+ to hack it in the end they would still say that Sonys security is hackable (as is everything else) and put them down as if they are garbage would they not? I have no doubt that if these same people put effort in doing the same to other companies such as Microsoft or Nintendo there would be an equal amount of damage and the "message" the same.

I put my faith in them (Sony) because I have yet to be wronged by them, you see before all this shit hit the fan I was pleasantly fine with their services, and still am after they have somewhat recovered.

When Sony gets hit in the balls, so do I.
 

DaxStrife

Late Reviewer
Nov 29, 2007
657
0
0
"From a single injection, we accessed everything. Why do you put such faith in a company that allows itself to become open to these simple attacks?"
Why should we put faith in a group of hackers who steal our information "for the lulz?"
 

killamanhunter

New member
Mar 24, 2009
204
0
0
anyone think that these guys said this:

"0 lol guyz mabee we shud dr0p Sony with 1337 Hax0rz!!111!"

"h4h4 lol!"

Yeah I didn't know I could speak internet that well either
 

Echo136

New member
Feb 22, 2010
1,004
0
0
So basically their point is: Dont put your faith in sony because their security is shit, oh ya and we stole your personal information and we want your money so we can do it again. What the fuck.
 

Fiz_The_Toaster

books, Books, BOOKS
Legacy
Jan 19, 2011
5,498
1
3
Country
United States
Ya know, those hackers can drop that noble shit because I'm not buying it. I couldn't give two shits what kind of hacking tactic they used to get access to the info, they still hacked in and were able to get to it. Forgive me for not singing their praises, I'm getting really tired of this and it really needs to stop.

Also, Lulz boat, really? That's the dumbest name I've ever heard, good job gang.
 

Kopikatsu

New member
May 27, 2010
4,924
0
0
DevilWolf47 said:
Seriously Sony? Again? How is it that a major corporate power can be hacked to such a high level so many times? I know determined groups can overwhelm sophisticated defenses, but honestly. Did Sony upgrade their cyber security after the PSN catastrophe?

I agree with LulzBoat here. If Sony hasn't heard their lesson yet they deserve to be humiliated by web memes.
Sony redid the PSN and buffed up the security on the gaming side of things. They never mentioned their other departments...probably because they figured noone would bother looking there.

Guess Sony made a mistake on that one...
 

Bob_F_It

It stands for several things
May 7, 2008
711
0
0
If I recall correctly, threatening to post someone's personal information to the public and asking for money is called blackmail.
 

Shadie777

New member
Feb 1, 2011
238
0
0
Well, fuck you LulzSec.
There are other means to showing that Sony has rubbish security. I give a example that was already stated, they can tell them how to improve. But they obviously don't give a shit and are damaging not only the corporation but the customer, its just for the "lulz".
I just hope that Sony gets their shit together, this is getting stupid.

I really wouldn't mind seeing LulzSec getting destroyed in a spectacular manner. Why haven't they been stopped yet?
 

spasicle

New member
Nov 9, 2009
20
0
0
Vigilantis said:
I dont understand, I mean even if they had some top of the line security anti-haxxor crap and it took the hackers years+ to hack it in the end they would still say that Sonys security is hackable (as is everything else) and put them down as if they are garbage would they not? I have no doubt that if these same people put effort in doing the same to other companies such as Microsoft or Nintendo there would be an equal amount of damage and the "message" the same.

I put my faith in them (Sony) because I have yet to be wronged by them, you see before all this shit hit the fan I was pleasantly fine with their services, and still am after they have somewhat recovered.

When Sony gets hit in the balls, so do I.
But the thing is they've put ZERO effort into security. It's mind boggling to anyone who knows a shred of information on security that Sony is falling prey to these types of attacks. No one is calling Sony out because their system isn't impregnable, no system is impregnable. The problem is Sony hasn't put in place the most basic security measures to protect their user's data.
 

RoBi3.0

New member
Mar 29, 2009
709
0
0
Keep it up Sony Hackers the larger the trail you leave; the easier it will be for you to be found and brought to justice. Your own ambition will be your down fall.