A couple of webpages advertising games (SingStar Pop and God of War) for the United States Playstation 3 gaming console were “compromised” says virus and internet security analysis company “Sophos.”
SQL injection vulnerabilities in the PS3 websites were taken advantage of, and subsequently, the hackers introduced a code that showed pop-ups. The pop-ups showed a false message telling the user that their computer was under attack by a virus. They would then be led to a website selling virus-fighting software. It’s a little black hat, but that is good affiliate marketing.
Graham Cluley, Technical Consultant at Sophos, has his share to say about the incident.
“There are millions of video game lovers around the world, many of whom will visit Sony’s PlayStation website regularly to find out more about the latest console games,”
“Most would never expect that surfing a website like this could potentially infect them with malware.”
“It is essential that all websites, especially high profile ones like this, have been properly hardened to prevent hackers from injecting malicious code into legitimate web pages.”
It is especially alarming that this could happen with such a large personality like Sony and the Playstation 3. The hackers could have easily used the code to do more harm to users, making them bots or drones for more viral maliciousness. Imagine how easily a hacker could take out Blogosis. Oh Noezzz…
[via vnunet]
