Overclock.net › Forums › Industry News › Video Game News › [btTech] Sony site offers up malware
New Posts  All Forums:Forum Nav:

[btTech] Sony site offers up malware

post #1 of 5
Thread Starter 
Quote:
When you're browsing the seedier parts of the 'net, you know to be on your guard – but you can trust Sony, surely? Not according to Sophos.

The anti-virus vendor has highlighted several pages on Sony's PlayStation 3 website that are currently peddling fake anti-virus software thanks to an automated SQL injection attack that has compromised over 700 servers worldwide. According to Sophos, visitors to the pages are treated to a fake scan for malware before being cajoled into downloading 'free' software to 'fix' the problems that are found.

Graham Cluley, a senior technology consultant at Sophos, states that most of the “millions of video game lovers around the world†would “never expect that surfing to a website like this could potentially infect them with malware,†and suggests that without adequate protection – like, say, the software produced by his employer – users are likely to find that “before they know it they have been scared into handing their credit card details over to a bunch of cybercriminals.â€

While protection on the desktop – whether that takes the form of a virus scanner or an alternative operating system – is important for end users, it has to be remembered that it's lax security on the part of a multinational corporation that has exposed users to unexpected threats. Although the SQL injection flaw that allowed the code to be inserted into the pages has since been fixed, there was an embarrassing delay between Sophos contacting Sony – and then rather rapidly publishing its article – and the hole being patched.

While I'm sure we all take adequate precautions when surfing the seedy underbelly of this world wide web, I can't help but wonder how many people would be fooled by something that appears to come from a large corporation like Sony.

Source
post #2 of 5
lol SQL injections. Its not that hard to be protected against them....
    
CPUMotherboardGraphicsRAM
Q8300 @ 3.0Ghz EP45-DS3L Saphirre 5770 Vapor-X 6 gig A-Data 800mhz (2x2 + 2x1) 
Hard DriveOptical DriveOSMonitor
OCZ Vertex 2 60Gig + 4.5TB worth of drives Samsung Windows 7 Ultimate 64-bit 2xAsus VW266H 25.5" 
KeyboardPowerCaseMouse
G110 650W Cooler Master Antec 300 G500 
Mouse Pad
Razer pad 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Q8300 @ 3.0Ghz EP45-DS3L Saphirre 5770 Vapor-X 6 gig A-Data 800mhz (2x2 + 2x1) 
Hard DriveOptical DriveOSMonitor
OCZ Vertex 2 60Gig + 4.5TB worth of drives Samsung Windows 7 Ultimate 64-bit 2xAsus VW266H 25.5" 
KeyboardPowerCaseMouse
G110 650W Cooler Master Antec 300 G500 
Mouse Pad
Razer pad 
  hide details  
Reply
post #3 of 5
bananas are eating mah trojans.
that's bad messed up
Uhh.. Thing
(19 items)
 
TERA
(22 items)
 
 
CPUMotherboardGraphicsRAM
4690K Z97-PRO GAMER ASUS STRIX GTX1070 Corsair Vengeance 
Hard DriveHard DriveHard DriveCooling
Samsung 830 Pro Samsung 850 EVO Samsung 830 Noctua D15 
OSMonitorKeyboardPower
Windows 10 x64 Enterprise ASUS VG248QE QPAD MK-50 EVGA 750W G2 
CaseMouseMouse PadAudio
Fractal Design R5 Logitech G502 Some Steelseries thing SupremeFX -> Pioneer VSX-D711-S 5.1 receiver 
AudioAudioOther
Dali Concept 2+SUB E-12F Focusrite Scarlett Solo Logitech G27 
CPUMotherboardGraphicsGraphics
Intel i7 2700k @ 4.5GHz 1.425v with HT enabled ASUS P8Z77-V Gigabyte GTX670 OC Gigabyte GTX670 OC 
RAMHard DriveHard DriveHard Drive
Corsair Vengeanve LP White 16GB Corsair Force GT 120GB WD RED SOHO 3TB WD RED SOHO 3TB 
Hard DriveHard DriveCoolingCooling
WD BLACK 4TB Seagate 5900 LP 2TB XSPC Raystorm D5 XSPC RX480 w/ GT AP-13 
CoolingOSMonitorKeyboard
XSPC RX360 w/ GT AP-15 Windows 7 Ultimate x64 DELL U3011 Logitech K800 
PowerCaseMouseMouse Pad
Corsair HX1000W Corsair 900D Logitech G500 SARGAS 460 
AudioAudio
Denon AVR-2313 Dali Zensor 7, 5, Vocal 
  hide details  
Reply
Uhh.. Thing
(19 items)
 
TERA
(22 items)
 
 
CPUMotherboardGraphicsRAM
4690K Z97-PRO GAMER ASUS STRIX GTX1070 Corsair Vengeance 
Hard DriveHard DriveHard DriveCooling
Samsung 830 Pro Samsung 850 EVO Samsung 830 Noctua D15 
OSMonitorKeyboardPower
Windows 10 x64 Enterprise ASUS VG248QE QPAD MK-50 EVGA 750W G2 
CaseMouseMouse PadAudio
Fractal Design R5 Logitech G502 Some Steelseries thing SupremeFX -> Pioneer VSX-D711-S 5.1 receiver 
AudioAudioOther
Dali Concept 2+SUB E-12F Focusrite Scarlett Solo Logitech G27 
CPUMotherboardGraphicsGraphics
Intel i7 2700k @ 4.5GHz 1.425v with HT enabled ASUS P8Z77-V Gigabyte GTX670 OC Gigabyte GTX670 OC 
RAMHard DriveHard DriveHard Drive
Corsair Vengeanve LP White 16GB Corsair Force GT 120GB WD RED SOHO 3TB WD RED SOHO 3TB 
Hard DriveHard DriveCoolingCooling
WD BLACK 4TB Seagate 5900 LP 2TB XSPC Raystorm D5 XSPC RX480 w/ GT AP-13 
CoolingOSMonitorKeyboard
XSPC RX360 w/ GT AP-15 Windows 7 Ultimate x64 DELL U3011 Logitech K800 
PowerCaseMouseMouse Pad
Corsair HX1000W Corsair 900D Logitech G500 SARGAS 460 
AudioAudio
Denon AVR-2313 Dali Zensor 7, 5, Vocal 
  hide details  
Reply
post #4 of 5
Quote:
automated SQL injection attack
what does that mean

does that mean the servers are hacked? i thought those messages are mostly because of adwares not by servers.
post #5 of 5
Wikipedia SQL injection... and automated of course means they are automated attacks - that is, bots run them on as many servers as possible, hoping to find vulnerable ones - just like viruses on computers.
Akiyama Mio
(13 items)
 
  
CPUMotherboardGraphicsRAM
E6420 @ stock, 0.98v Asus P5N-E SLI Gainward GTX 460 1GB @ 800/1600/1900 2x2GB Kingston @ 800MHz 5-5-5-15 2T 
Hard DriveOptical DriveOSMonitor
WD 250GB, 320GB SATA/3, 16MB Cache, Seagate 1TB LG GSA-H62N 18x SATA Ubuntu 9.10 x86 & Win7 x86 Asus VW222U 
KeyboardPowerCase
Logitech Classic Corsair 650HX NZXT Apollo Black 
  hide details  
Reply
Akiyama Mio
(13 items)
 
  
CPUMotherboardGraphicsRAM
E6420 @ stock, 0.98v Asus P5N-E SLI Gainward GTX 460 1GB @ 800/1600/1900 2x2GB Kingston @ 800MHz 5-5-5-15 2T 
Hard DriveOptical DriveOSMonitor
WD 250GB, 320GB SATA/3, 16MB Cache, Seagate 1TB LG GSA-H62N 18x SATA Ubuntu 9.10 x86 & Win7 x86 Asus VW222U 
KeyboardPowerCase
Logitech Classic Corsair 650HX NZXT Apollo Black 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Video Game News
Overclock.net › Forums › Industry News › Video Game News › [btTech] Sony site offers up malware