Sony Servers Infiltrated Abroad, Twice

 Pages 1 2 3 4 NEXT
 

Sony Servers Infiltrated Abroad, Twice

image

The war of Sony vs. hackers is still being fought on multiple fronts.

Sony still faces attacks on its web-based infrastructure shortly after finally getting the PlayStation Network back into operation after weeks of downtime due to an external intrusion. Two newly revealed attacks seem to indicate that Sony has become a very popular target.

IT security company F-Secure reports the discovery of a phishing site recently running through the use of a Sony Thailand server. The scheme targeted an Italian credit card company. F-Secure adds that while this is a malicious hack, the server used is "probably not very important."

The second attack involves So-net, an internet provider run by Sony in Japan. Vaguely similar to the PSN attack, So-net was infiltrated by an intruder that targeted its users' reward points. However, unlike the sophisticated nature of the PSN situation, the So-net intruder may have simply obtained log-in names and used randomly generated passwords to gain access to multiple accounts. A So-net warning claimed that a single IP address had attempted to access the network 10,000 times. At the end of the day, around $1,225 in virtual reward points were taken from So-net users, with 200-300 different accounts accessed. No personal information is said to have been stolen.

Sony also recently went through a situation with an exploit that allowed a PSN password to be changed using a user name and an email address without confirmation. A security expert commented to Reuters: "I think it's now 'I'm a hacker and I'm bored, let's go after Sony.'" The Sony server attacks made headlines worldwide, which was not only bad PR for Sony, but a form of pheromone for hackers that may be specifically targeting the company from any angle they can find.

Source: Reuters, via Gamasutra

Permalink

So is like the cool thing to do now?

Because if it is these people need to get a life and stop.

Now this I am against. I was all for the first hacking because that makes Sony get their shit straight. This however is just overkill.

Tom Goldman:
A security expert commented to Reuters: "I think it's now 'I'm a hacker and I'm bored, let's go after Sony.'"

The sad thing is that all it takes is a bored hacker to infiltrate the servers of one of the largest corporations in the world. Maybe that's something they should look into when even their security expert recognizes it and is actually unashamed to say it out loud.

Saw this earlier on twitter. Hilarious as an xbox owner.

Hackers: 6 Sony:0

These people need to fucking stop. It was never clever, cool, rebellious, or funny. It is dickish and pathetic.

Vrach:

Tom Goldman:
A security expert commented to Reuters: "I think it's now 'I'm a hacker and I'm bored, let's go after Sony.'"

The sad thing is that all it takes is a bored hacker to infiltrate the servers of one of the largest corporations in the world. Maybe that's something they should look into when even their security expert recognizes it and is actually unashamed to say it out loud.

Nah, they'll just have to sue their most vocal detractors, that solves everything all the time.

If Sony were a My little Pony, it would have a bull's eye on it's rump.
This what happens when your try to restrict your customers' services.

slimeonline:
Saw this earlier on twitter. Hilarious as an xbox owner.

Hackers: 6 Sony:0

What were the other 3?

ffs this is dull

HankMan:
If Sony were a My little Pony, it would have a bull's eye on it's rump.
This what happens when your try to restrict your customers' services.

....by stealing millions of people's information and continuing to harass the customer?

See, I never understood the argument of "this is what happens when you do this and this and this and yadda yadda yadda" because it's not helping their cause in any way whatsoever. If these hackers wanted to send a message of "don't fuck with your consumers", then their M.O. isn't exactly the best way to show that message.

Does Sony deserve some of this? Probably, I have no idea at this point. Do the consumers deserve this shit? I don't think so, no. Any semblance of altruism in these hackers must be filtered through their warped sense of justice. But they're not "for the people". They weren't the moment they stole the customer's information, the people that some say they're trying to defend, which is absolutely ridiculous.

Now it's just assholery. These continued hacks do nothing to support any cause, they're just dicks at this point.

I wonder where all this hacker rage was when microsoft was bullying retailers into letting their products undercut other companies, violating anti trust laws, banning xbl accounts that had modded systems and on and on for decades.

Some of you xbl peeps seem to have very selective memories when ms does stuff that limits gamers rights and other companies rights, just because you own an xbox. But sony does something and your all over like rabid fanbois and cheering people that are breaking the law cause "sony was asking for it".

Two words.

GROW UP.

Hell you could nitpick and make a case against apple, microsoft, sony, EA, activision, china and on and on as companies/countries that are "asking for it." But to cheer when a company you dont like is getting raped is stupid, you would not be cheering if it was one of your favorite companies or a product you support so stop doing it.

Jumplion:

HankMan:
If Sony were a My little Pony, it would have a bull's eye on it's rump.
This what happens when your try to restrict your customers' services.

....by stealing millions of people's information and continuing to harass the customer?

See, I never understood the argument of "this is what happens when you do this and this and this and yadda yadda yadda" because it's not helping their cause in any way whatsoever. If these hackers wanted to send a message of "don't fuck with your consumers", then their M.O. isn't exactly the best way to show that message.

Does Sony deserve some of this? Probably, I have no idea at this point. Do the consumers deserve this shit? I don't think so, no. Any semblance of altruism in these hackers must be filtered through their warped sense of justice. But they're not "for the people". They weren't the moment they stole the customer's information, the people that some say they're trying to defend, which is absolutely ridiculous.

Now it's just assholery. These continued hacks do nothing to support any cause, they're just dicks at this point.

Yes it is assholery but the thing is Sony wouldn't have been targeted if they hadn't tried to stop people from jail-breaking the PS3, or given them reason to. Once people started screwing around with the PS3, it was only a matter of time before someone used that knowledge maliciously.

Hackers,or whatever the corect name is for this people, aren't targetting only Sony. To think that it's ridiculous becaus it would mean they could infiltrate any big company with a little effort. Sony gets the boot because it seems they have shit security systems. Attacks like that are sent probably each day to Microsoft,Nintendo etc but they repulse them it seems.

Sure customers have the right to be angry with this scumbags that steal their info but they should be mad the same way to Sony for not protecting them as it should. I doubt Microsoft hired all the good security experts and Sony got the retard ones.

I feel bad for them

Why is this a surprise? In Taiwan, pirated games outnumber legitimate games by several multiples. In fact, just about anything legal there is outnumbered.

slimeonline:
Saw this earlier on twitter. Hilarious as an xbox owner.

Hackers: 6 Sony:0

Yeah, it's gonna be really hilarious when they get bored with Sony, right?

Microsoft has built up a ton of ill-will from the PC community, from constantly taking a dump on PC gaming. So, best of luck.

Jumplion:

HankMan:
If Sony were a My little Pony, it would have a bull's eye on it's rump.
This what happens when your try to restrict your customers' services.

....by stealing millions of people's information and continuing to harass the customer?

i always understood it as if you target the user's then the user's wise up and sony has to pay the brunt of it. the PSN attack got users details but it also cost sony a hell of alot in costs and trying to win their user's trust back with free games, not to mention the lost sales. these continued attacks are probably just to kick the company while it's down to show incompetence accross the board. perhaps show some sort of contempt from sony to their customers data. i wouldn't be surprised if the data isn't used for anything. it will cost sony alot more than it would cost the consumer.

theres a point and a limit to these attacks and to be fair they need to end now with a statement. saying that it's over. we need confirmation otherwise continued attacks could be anyone. besides it's just a banner that hackers have gathered under, it will die down and be "uncool" soon enough.

i for one am sad that this is the type of way that gets people's attention

Fiz_The_Toaster:
So is like the cool thing to do now?

Because if it is these people need to get a life and stop.

I don't find it cool at all. If THEY do, then it's time to see the sun again.

cerebus23:

But to cheer when a company you dont like is getting raped is stupid, you would not be cheering if it was one of your favorite companies or a product you support so stop doing it.

If it was happening to one of my "favorite" companies, they certainly would not be my favorite company any more... for argument sakes, if this had happened to xbox + microsoft, my xbox would now be stuffed in a cupboard somewere, and i would be saving for a ps3 as my trust would be completly lost in tht company

HankMan:
Yes it is assholery but the thing is Sony wouldn't have been targeted if they hadn't tried to stop people from jail-breaking the PS3, or given them reason to. Once people started screwing around with the PS3, it was only a matter of time before someone used that knowledge maliciously.

That doesn't give these hackers a free pass to steal 70+ million customers their personal information and potentially credicards, along with several other thousand from other sites. I don't care how big of an asshole the company is, you don't attack victim to deter the bully. These attacks, if truly to "teach Sony a lesson", are the worst form of teaching I've seen in a while.

It's all well and good to go "Coulda, woulda, shoulda" and "if they only did/didn't do X", but that doesn't change the fact that these hackers stole people's information. If they truly were altruistic, they would have broken in without stealing a single bit of information and instead pointing out the flaws. Maybe they'd continue to do break their system until Sony cleaned up their act, and they would explicitly tell them so.

As is, these hackers/crackers/whatever broke into various servers, stole millions of people's information, brought down a service for over a month, and continue to do so even after it's all done. I don't care if Sony deserved it or not, you instantly lose any "for the people" rally rights when you attack "the people".

So these Hackers, some of them calling themselves Hacktevists, what are they trying to accomplish? Other than being criminals and making the lives of the common man jsut a little more annoying?

I don't know if this is anon or not, but I mean if these people "fighting" Sony has any agenda, what the hell is it? And how do they think vandalism will achieve that?

Jumplion:
That doesn't give these hackers a free pass to steal 70+ million customers their personal information and potentially credicards, along with several other thousand from other sites. I don't care how big of an asshole the company is, you don't attack victim to deter the bully. These attacks, if truly to "teach Sony a lesson", are the worst form of teaching I've seen in a while.

I haven't heard of a majority of those 70 million having their credit cards or personal information used, though. The only inconvienience most of them had was having to change their password and having PSN be down for a bit. Sony are the ones that felt the brunt of the attacks, having their credibility and wallet take a hit and having to be in a position to earn trust back from consumers. The attack was effective in the endgame.

FalloutJack:

Fiz_The_Toaster:
So is like the cool thing to do now?

Because if it is these people need to get a life and stop.

I don't find it cool at all. If THEY do, then it's time to see the sun again.

Agreed. But I'd imagine it's been a long time since they've seen the sun, if they remember what it is, and might burst into flames.

cardinalwiggles:
i always understood it as if you target the user's then the user's wise up and sony has to pay the brunt of it. the PSN attack got users details but it also cost sony a hell of alot in costs and trying to win their user's trust back with free games, not to mention the lost sales.

That can be easily accomplished without stealing a single iota of personal data. Just do the exact same thing the hackers/crackers/whatever did, except leave the customer's data alone. Continue to do so, if need be, to prove your point.

these continued attacks are probably just to kick the company while it's down to show incompetence accross the board.

You know, there have been so many claims of Sony didn't update their servers, Sony ran up to date servers, Sony stored the info in plaintext, Sony encrypted their data, that I really don't care anymore. It's either incompetence on Sony's part, of extreme-competence on the hackers part, and I really don't know which is scarier.

perhaps show some sort of contempt from sony to their customers data. i wouldn't be surprised if the data isn't used for anything. it will cost sony alot more than it would cost the consumer.

Yes, the millions of user data now online will not hurt the consumer at all.

I can't believe that these hackers/crackers are doing this just to show "contempt" for Sony. If they truly wanted to stick the point to Sony, they wouldn't have stolen a single bit of information. Instead, they decided to steal from 70+ million people. That's some pretty screwed up way to get people on your side.

theres a point and a limit to these attacks and to be fair they need to end now with a statement. saying that it's over. we need confirmation otherwise continued attacks could be anyone. besides it's just a banner that hackers have gathered under, it will die down and be "uncool" soon enough.

What kind of "statement" could they make? "Yes, we are rallying against Sony's mistreatment of consumer rights by stealing said consumer's private secured information! That will show them!"

i for one am sad that this is the type of way that gets people's attention

Again, I would be more supportive of these hackers/crackers if they had not stolen a single bit of personal info. That would show restraint, that would show altruism. As it stands, they are assholes of the highest caliber. If they wanted to get attention like this, I don't think the personal data would have been needed.

Fiz_The_Toaster:

FalloutJack:

Fiz_The_Toaster:
So is like the cool thing to do now?

Because if it is these people need to get a life and stop.

I don't find it cool at all. If THEY do, then it's time to see the sun again.

Agreed. But I'd imagine it's been a long time since they've seen the sun, if they remember what it is, and might burst into flames.

Thereby proving once again that Twilight is a load of crap.

Jumplion:

HankMan:
Yes it is assholery but the thing is Sony wouldn't have been targeted if they hadn't tried to stop people from jail-breaking the PS3, or given them reason to. Once people started screwing around with the PS3, it was only a matter of time before someone used that knowledge maliciously.

That doesn't give these hackers a free pass to steal 70+ million customers their personal information and potentially credicards, along with several other thousand from other sites. I don't care how big of an asshole the company is, you don't attack victim to deter the bully. These attacks, if truly to "teach Sony a lesson", are the worst form of teaching I've seen in a while.

I don't care if Sony deserved it or not, you instantly lose any "for the people" rally rights when you attack "the people".

This is true, but I don't think the ones who hacked Sony were doing it "for the people" any more than I think people like Geohots jail-broke the PS3 to steal personal information from PSN accounts. It's not a direct 'cause and effect' or 'action-reaction' thing I'm getting at. It's more like 'Six degrees of Keven Bacon'.

FalloutJack:

Fiz_The_Toaster:

FalloutJack:

I don't find it cool at all. If THEY do, then it's time to see the sun again.

Agreed. But I'd imagine it's been a long time since they've seen the sun, if they remember what it is, and might burst into flames.

Thereby proving once again that Twilight is a load of crap.

So it is written, so shall it be known.

chronobreak:
I haven't heard of a majority of those 70 million having their credit cards or personal information used, though. The only inconvienience most of them had was having to change their password and having PSN be down for a bit.

If so, then stealing said information would have been totally pointless. They wouldn't have taken that info if they didn't have the intention of using it. And even if they are never used, then why steal it in the first place?

Sony are the ones that felt the brunt of the attacks, having their credibility and wallet take a hit and having to be in a position to earn trust back from consumers. The attack was effective in the endgame.

The belief that the hackers did all of this just to prove a point is moot considering that they could have been just as effective without stealing a single bit of info. Like I said, continue the attacks, make it cost Sony too much to ignore these issues, but don't steal anything. I think it'd make for a much better plan to slap Sony some sense.

Apart from the lack of coolness, I'm worried that once they've had a go at hacking every single thing Sony has ever published someone will get the bright idea to put another company in the spotlight.

Although I'm hopeful that the obvious other targets (Microsoft) have been secretly taking a crudload of steps in preparation for the guy with that bright idea

Jumplion:

You know, there have been so many claims of Sony didn't update their servers, Sony ran up to date servers, Sony stored the info in plaintext, Sony encrypted their data, that I really don't care anymore. It's either incompetence on Sony's part, of extreme-competence on the hackers part, and I really don't know which is scarier.

It's probably neither. This is occurring to such an extent now that it's probably just nothing is particularly safe to very interested hackers and now Sony seems to get the attention of hackers from every corner of the globe, every single thing that can be attacked will be attacked.

HankMan:
This is true, but I don't think the ones who hacked Sony were doing it "for the people" any more than I think people like Geohots jail-broke the PS3 to steal personal information from PSN accounts. It's not a direct 'cause and effect' or 'action-reaction' thing I'm getting at. It's more like 'Six degrees of Keven Bacon'.

(this is really weird to read all this with Beiber staring at me on everyone's avatar....)

GeoHotz is a complicated case. On the one hand, I don't think there was any problem with him hacking his hardware, but then he distributed the security root key software to bypass everything. Whether he had good intentions or not is kind of overshadowed by the damage he did to his cause by releasing private, secured information that, in all likelyhood, GeoHotz had no right to distribute.

If that is the case with these hackers, then they've got a helluvah conspiracy.

Jumplion:

If so, then stealing said information would have been totally pointless. They wouldn't have taken that info if they didn't have the intention of using it. And even if they are never used, then why steal it in the first place?

It wasn't pointless if their "point" was doing damage to Sony.

The belief that the hackers did all of this just to prove a point is moot considering that they could have been just as effective without stealing a single bit of info. Like I said, continue the attacks, make it cost Sony too much to ignore these issues, but don't steal anything. I think it'd make for a much better plan to slap Sony some sense.

Well, that's all well and good, it's just that this is the way they chose to go about it. Maybe there was a better way, but they didn't implement it. Maybe they will in the future, who knows what kind of other plans they have? They certainly did slap some sense into Sony, with relativly little "civilian" damage, if in fact I am right in asserting that most people have not had tons of fruadulent charges on their accounts, something that could also change if they have the intention of using the credit card info in ill will.

I just don't know if they could have been effective without doing what they did, because it didn't happen that way.

It's not cool, it's funny.

You know why? because it's so increadibly mean to others than me.

Jumplion:

HankMan:
This is true, but I don't think the ones who hacked Sony were doing it "for the people" any more than I think people like Geohots jail-broke the PS3 to steal personal information from PSN accounts. It's not a direct 'cause and effect' or 'action-reaction' thing I'm getting at. It's more like 'Six degrees of Keven Bacon'.

(this is really weird to read all this with Beiber staring at me on everyone's avatar....)

GeoHotz is a complicated case. On the one hand, I don't think there was any problem with him hacking his hardware, but then he distributed the security root key software to bypass everything. Whether he had good intentions or not is kind of overshadowed by the damage he did to his cause by releasing private, secured information that, in all likelyhood, GeoHotz had no right to distribute.

If that is the case with these hackers, then they've got a helluvah conspiracy.

This is EXACTLY what I'm on about: It's not about intentions it's about the natural progression of things. Geohotz wouldn't have tried to jailbreak the PS3 if Sony hadn't locked away all those features to begin with. There's no conspiracy at all (at least not in THIS case)
<.<
>.>
And I also know what your talking about with the Bieber thing. Try re-orientating yourself by looking at your friend avatar list, it doesn't effect that.

Are you serious? Are you gorram kidding me!? Dear god, I'm not even a ps3 owner, but sony's customers deserve far better! A good security system does not get invaded this much. Shape up Sony, dammit!

chronobreak:
Well, that's all well and good, it's just that this is the way they chose to go about it. Maybe there was a better way, but they didn't implement it. Maybe they will in the future, who knows what kind of other plans they have? They certainly did slap some sense into Sony, with relativly little "civilian" damage, if in fact I am right in asserting that most people have not had tons of fruadulent charges on their accounts, something that could also change if they have the intention of using the credit card info in ill will.

I just don't know if they could have been effective without doing what they did, because it didn't happen that way.

Giving the hackers the benefit of the doubt, what would they have accomplished by doing all this? Damaging Sony's reputation? Pft, could easily do that without hacking a huge network or something without the effort of hacking all that.

All of this hoopla has probably set back consumer rights, homebrew, and any other sort of freedom with any of Sony's future products a few years. This only reinforces Sony's, and indeed many company's, restrictive EULAs/ToS/whateverthefucktheymakeussign. What company would want to let their consumers "run wild" (from their perspective) on their system when they're just going to cause trouble with it?

Maybe some other company will take it the way that you would love, by going "Hrm, Sony did this and this and this, and it pissed people off, so let's not do this and this and this!" But even then, black-hat hackers would have no morals about this. They take the easiest target, so no matter what they do it's going to be hacked one way or another, whether open or restricted. Might as well make it harder for them.

 Pages 1 2 3 4 NEXT

Reply to Thread

Posting on this forum is disabled.