|
|
|
|
|
Be Careful with Sony PlayStation Website: Sophos
By
ChannelTimes Staff
Mumbai, Jul 7, 2008
Sophos, an IT security firm, has warned gamers worldwide of possible malware infection with Sony PlayStation website. As per the company communique, the hackers use SQL injection and scare tactics to grab consumers' credit card details.
Researchers at Sophos have indicated that pages on the US-based Sony PlayStation website have been compromised by hackers. These cyber criminals have used an SQL injection attack to plant unauthorized code on pages promoting the PlayStation games 'SingStar Pop' and 'God of War'.
These hackers try to dupe web surfers by running a fake anti-virus scan, and displaying a bogus message featuring a warning against variety of different viruses and Trojan horses.
With this, they aim to scare computer users into purchasing a bogus security product. Sophos warns, however, that it would be trivial for the hackers who have compromised the web pages to alter the payload so that it became more malicious. The installed code is designed to turn Windows PCs into a botnet or to harvest confidential information from users.
Graham Cluley, senior technology consultant for Sophos said, "There are millions of video game lovers around the world, many of whom will visit Sony's PlayStation website regularly to find out more about the latest console games. Most would never expect that surfing to a website like this could potentially infect them with malware. If users do not have sufficient protection in place then they might find that before they know it they have been scared into handing their credit card details over to a bunch of cyber criminals. It is essential that all websites, especially when they are high profile like this or receiving a large level of traffic, have been properly hardened to prevent hackers from injecting malicious code on to what should be legitimate web pages."
|
Disclaimer |
ITNation
(India) Pvt. Limited and its sites:
www.channeltimes.com, www.techtree.com
and www.cxotoday.com provide
Comments and discussion boards as a professional medium
for the various businesses of the IT industry to discuss
business problems. Gossip, personal attacks and unsubstantiated
charges are prohibited. Messages posted on this Web site
as discussion threads or Comments (Content) are solely the
opinions of their creators and do not necessarily reflect
the opinions of ITNation (India) Pvt. Limited or its sites
www.channeltimes.com, www.techtree.com
and www.cxotoday.com.
All individuals who post material to this web site are solely
responsible for all Content that they upload, post or otherwise
transmit via the Web Site. |
| ITNation
cannot vouch for the authenticity of the user or company
names or e-mail addresses associated with posted messages.
Under no circumstances will ITNation
India Pvt.Ltd. or ChannelTimes
be liable in any way for any Content, including, but not
limited to, for any errors or omissions in any Content,
or for any loss or damage of any kind incurred as a result
of the use of any Content posted or otherwise transmitted
via the Bulletin Boards. |
| ITNation
reserves the exclusive right to edit or remove messages
containing inappropriate language or other material that
could be construed as libelous, potentially libelous, or
otherwise offensive or inappropriate. Discussion forums,
bulletin boards and chat facilities are provided by ITNation
solely for the convenience of those who make use of the
service. ITNation does not endorse the products and services
or other offerings mentioned in messages. |
|
|
|
|
|
