Sony's Website Hit By Hackers?
It seems that the rumors surfaced yesterday indicating another attack against Sony could be true. Some parts of Sony's software web site are currently partialy inacessible although Sony has not confirmed the reason was web attack.
The "Press Releases" section of Sony's Creative Software web site does lists a single press release and the rest entries seems to be changed. All the listed PR have the title
"Server user 'casa' is not a valid user in database 'Website'" and their desription is also the same.
Here is a screenshot of the specific section of Sony's web site:
And here is what you see once you choose to read any of the available press releases:
An SQL injection attack could change or even delete the records of a web site' s database. As a result, the changed data could appear online on a web site instead of the correct.
Sony has not yet responded to inquiries for a comment. Let's hope that the is aware of the issue and that it is not another attack against Sony.
UPDATE: Web site's data has been restored. The problem was related to some server maintenance the company was doing, according to Sony.
CNET on Friday claimed that a group of hackers was planning another wave of cyberattacks against Sony during the weekend. Citing the words of "an observer" of the Internet Relay Chat channel used by the hackers, "a third major attack is planned this weekend against Sony's Web site."
According to the plan, hackers would publicize all or some of the information they are able to copy from Sony's servers, which could include customer names, credit card numbers, and addresses.
Should the planned attack succeed, it would be the latest blow in a series of devastating security breaches of Sony's servers over the past month.
Several weeks ago the hacker group known as Anonymous targeted several Sony Web sites, including Sony.com and SonyStyle.com, with a distributed denial-of-service (DDoS) attack in retaliation for what its members saw as Sony's unfair legal action against hacker George Hotz. Two weeks ago Sony's PlayStation Network, along with its Qriocity service and Sony Online, were the target of an attack that exposed the personal information of more than 100 million Sony customers. Sony was forced to shut down PSN, Qriocity, and Sony Online, and is currently working to bring them back online after rebuilding the security of its servers.
The hackers of the PSN have not been identified, but Internet vigilante group Anonymous, which had claimed responsibility for previous attacks on Sony and other corporations, denied it was behind the data theft.
Here is a screenshot of the specific section of Sony's web site:
And here is what you see once you choose to read any of the available press releases:
An SQL injection attack could change or even delete the records of a web site' s database. As a result, the changed data could appear online on a web site instead of the correct.
Sony has not yet responded to inquiries for a comment. Let's hope that the is aware of the issue and that it is not another attack against Sony.
UPDATE: Web site's data has been restored. The problem was related to some server maintenance the company was doing, according to Sony.
CNET on Friday claimed that a group of hackers was planning another wave of cyberattacks against Sony during the weekend. Citing the words of "an observer" of the Internet Relay Chat channel used by the hackers, "a third major attack is planned this weekend against Sony's Web site."
According to the plan, hackers would publicize all or some of the information they are able to copy from Sony's servers, which could include customer names, credit card numbers, and addresses.
Should the planned attack succeed, it would be the latest blow in a series of devastating security breaches of Sony's servers over the past month.
Several weeks ago the hacker group known as Anonymous targeted several Sony Web sites, including Sony.com and SonyStyle.com, with a distributed denial-of-service (DDoS) attack in retaliation for what its members saw as Sony's unfair legal action against hacker George Hotz. Two weeks ago Sony's PlayStation Network, along with its Qriocity service and Sony Online, were the target of an attack that exposed the personal information of more than 100 million Sony customers. Sony was forced to shut down PSN, Qriocity, and Sony Online, and is currently working to bring them back online after rebuilding the security of its servers.
The hackers of the PSN have not been identified, but Internet vigilante group Anonymous, which had claimed responsibility for previous attacks on Sony and other corporations, denied it was behind the data theft.
