Sections

Rumour: Hackers planning another attack on Sony

Friday, 6th May 2011 05:18 GMT By Brenna Hillier

Hackers are said to be planning yet another offensive against Sony, and have apparently claimed responsibility for the attacks of April 16.

CNET reports it was informed of the hacker’s plans by a source watching an IRC channel. No logs or screen captures have been produced. Shake some salt on.

Apparently claiming to have access to Sony servers even now, the hackers reportedly intend to publish information retrieved in the upcoming attack, and will target user’s personal data, including credit card details.

The source reported the attack will take place this weekend, and will be the group’s third attempt. It’s unclear whether this refers to the twin attacks on the PlayStation Network and Sony Online Entertainment, or the Anonymous-backed DDOS campaign against Sony sites.

Anonymous has denied any connection with the attacks on the PSN, although Sony has revealed it found a suspicious file on its servers in the aftermath, seemingly pointing at the hacktivist group’s involvement.

Sony has hired several network security firms and investigators in the wake of the attacks, and has been accused of negligence in protecting user data.

The PSN is expected to come back online before the end of the week, following final testing.

Thanks, Nozz.

Latest

52 Comments

  1. neon6

    How does this help the consumer?

    #1 4 years ago
  2. Christopher Jack

    If the hacking community cared about the average Joe, we wouldn’t be plagued with malicious viruses & malware etc.
    Homebrewers are alright because they’re essentially programmers without licenses, it all depends on what they’re programming.
    Hackers do whatever benefits them, as far as they’re concerned, killing Sony’s reputation will benefit them considering Sony’s stance against piracy-which is a direct link with piracy.
    The only reason that Sony Ericsson unlocked the bootloader on their phones was entirely a PR decision to display that Sony don’t hate hackers (I believe that Sony itself might have too with their upcoming tablets, not 100% though), they just the pirates. Since Sony has a minimal foothold on the Android OS, they couldn’t give much of a fuck about pirates on Android (unless you count emulating ROMs as piracy, which it essentially is).
    I’m not saying that all hackers are malicious, but obviously all malicious hackers are well… hackers.

    #2 4 years ago
  3. Tizzo86

    this shit is crazy if they gonna do this again…sony said by tuesday…den they said with-in this week…then n a letter from 1 of the top guys say PSN may b up in the comin days…den i come to this den read this mess…whats goin on in this world we live n

    #3 4 years ago
  4. NightCrawler1970

    SHIT, WOW!!! U GOT BALLS man, i see you behind bars, i underestimated..
    Why Sony?? why not Xbox???

    Ya’ll hackers have ya last SUPPER at McDonald and hacking Sony for the last by wifi, within 5 minutes ya’ll behind bars, the whole nation security will be on ya ass… FBI, CIA, NSA, ATF, Home-land Security, INS(in case illegal mexicans on laptop, swear by god, yall be thrown over the Texas border.. and next time when ya cross the border, you will be shot, and survivors will be shot again…. for those are American citizen, ya’ll gonna locked up and see the world goes by, for a very long time….

    #4 4 years ago
  5. Artheval_Pe

    Those guys are not in to help the consumer, but to make money selling his credit card details and personal data. Most hackers are part of criminal organisations that thrive on the abuse of people and the use of their personal data for phishing, fraud, etc…

    Anonymous, GeoHot and Cie are a pretty unique bunch. But it’s not because they use their talents for illegal political activism that all hackers do the same.

    Using the same name for people who use the same skills for completly different goals and calling them all “criminals” has lead a lot of people to forgot that there were also REAL criminals out there.

    @ NightCrawler1970 : Are you out of your mind ?

    By the way, for your information, most of the criminal hackers are linked with the russian maffia and live in Russia or in Eastern European countries, so way out of US Jurisdiction, and they probably don’t plan on ever going to the United States.

    #5 4 years ago
  6. Christopher Jack

    Why is it that they treat Sony different to every other corporation? I’ve seen Microsoft, Nintendo, Apple & countless others pull similar moves to Sony & most do such much more frequently. I guess it’s because of the publicity Geohot got from major websites & even television. Can’t they just protest in a more constructive manor? Like a personal boycott-like I’ve done with Apple. My boycott will end when they finally release a product with a realistic price reflecting it’s hardware. At least I’m not taking down the App store & accessing it’s database.

    #6 4 years ago
  7. artistadam

    *facepalm*

    really?! come on, really?? give us back our systems, you hackers… we were just fine before you came along… why does it always take one to ruin it for the rest of us?? since grade school, it’s always been this way…

    95% of PS3 users don’t give a $%&# about what you are trying to accomplish… give up and let us get back to supporting independent companies that you are unintentionally robbing money from since the network went down… did you ever think of them, the little guys trying to make a name for themselves?? didn’t think so, you are too busy trying to bring the giant boss down for no reason at all…

    #7 4 years ago
  8. Christopher Jack

    True, without GeoHot hacking Other OS, we’d still have it, he still didn’t learn his lesson & used that as an excuse to further accomplish his goal-making the PS3 a haven for pirates & malicious hackers alike, well that may not have been his goal but surely he must have acknowledged that possibility.

    #8 4 years ago
  9. Artheval_Pe

    You don’t seem to understand. Sony has been attacked and might be attacked again by professional criminals, by people who are paid to steal credit card details and personal data in order to make money. Those people do not care the slightest bit about PSN users or about being constructive. They are NOT Anonymous or activists.

    #9 4 years ago
  10. The Juice707

    I don’t care what there intentions are anymore. Anything positive they expected this attack to have has been completely destroyed. I have a rooted android phone, a modded xbox and xbox 360- I understand why it is fun to break past the line that these big companies have set, but this has had an effect on far more than just Sony. I personally have been unable to play Portal 2 coop yet. That is not just a bad thing for me, it is a bad thing for Valve. And they aren’t even a dev that is dependent on the PSN. All those developers of PSN downloadable games are literally cut off from every customer. Credit card companies and banks have had to scramble to protect there users. And it goes on! It has gone way too far. If you are going to use your hacking expertise for something, why not use it in a way that doesn’t make you the world’s most despised target (Osama is gone. You are next, you bunch of dicks)

    #10 4 years ago
  11. Christopher Jack

    Did they tell you that they were not Anonymous? In a group as misguided & chaotic as that, there’s probably just as many malicious users as there are legitimate activists.

    #11 4 years ago
  12. Shonak

    I suppose these hackers just do it for the fun of it and because they are capable of it. Complaining doesn’t help much, its up to Sony. But seriously, if these guys try another attempt to hack the PS3 they sure proof that they have at least balls (which they need once they are behind bars)

    #12 4 years ago
  13. artistadam

    it’s the sad truth, Artheval_Pe… i just want to get back to playing games online and enjoying the reason why i bought the system in the first place… sure i can play SP and even use a functional netflix… but i am missing out on network games and minis, released by very talented independent companies… and not having the ability to play some GTAIV or uncharted 2 online with friends i hang out with almost daily…

    i know anonymous and geohot didn’t want to mess with the user base, but they opened a can of worms for others that didn’t give a shit and are ruining it for the rest of the class… i guess we’ll all be staying after class now thanks to neo…

    #13 4 years ago
  14. NightCrawler1970

    @12, i can read the hackers mind —-> NO GUTS, NO GLORY….but.. they got balls…big big balls…

    #14 4 years ago
  15. Artheval_Pe

    @ Christopher Jack : What indicates that Anonymous is responsible ? The fact that Anonymous has had a lot of exposure recently in the media doesn’t mean that they are the only hackers around.

    Most people have been tossing their name around because it gives them a target to their anger. It is not very serious.

    There as been for several years and there still are a lot of professional criminals specialized in fraud involving credit card details, personal data, online accounts, etc… gathered through hacking and phishing. Do you seriously think that those organisations would have stay idle and that political activists would have destroyed their reputation in such a way, while at the same time they show that they care so much about it ?

    I don’t think so. It’s like thinking that the car that you left open in the middle of a favela in Brazil has been stolen by other tourists from your nation.

    #15 4 years ago
  16. G1GAHURTZ

    Oh dear, oh dear.

    Even this simple rumour is enough to cost Sony another few hundred thousand lost PS3 sales…

    It’s all a bit harsh really, because however people may feel about Sony, they definitely aren’t the most offensive corporation in the world.

    #16 4 years ago
  17. Cygnar

    @5
    The mere fact that someone is not located in the US doesn’t mean that a US court can’t have personal jurisdiction over him. Having certain kinds of “minimum contacts” with a US state is enough for a court to assert jurisdiction. Imagine suing a Chinese manufacturer that sells a defective product in the US. The mere fact that the manufacturer is outside of the US is not going to prevent a lawsuit, and in fact these sorts of lawsuits happen all the time. This sort of jurisdiction that reaches over international borders is not unique to the US. There may also be international treaties, etc., that make it easier for courts to get at defendants outside of their own borders.

    Depending on the location of the database, and the nature of the hackers’ conduct towards the state where the database was located, it might not matter if the hackers had never even visited the United States–their location will not save them from a lawsuit when other circumstances make jurisdiction proper. This of course says nothing about their possible criminal liability. Whatever country harbors these people may just hand them over to the United States if a criminal prosecution gets off the ground.

    I am no expert on criminal procedure or in personam jurisdiction in these sorts of cases. I can tell you, though, that jurisdiction is a very old concept and it is struggling to evolve in response to new technology such as the internet. I hope this case goes to trial, because it’s an important, high-profile situation that could make some interesting new precedent along the bleeding edge of internet-related law.

    As for the hackers, it looks like they plan on testing Sony’s new security measures. If Sony has IP addresses or other kinds of information relating to an unauthorized network access, the hackers really aren’t going to remain nameless for long. Even the use of proxies is not foolproof, and quite a bit of information is subject to subpoena during a criminal investigation. I don’t know what to make of the comment that these people have access to servers that are currently offline, but suffice it to say that their attacks aren’t coming from Playstations. Their mode of access to the database is unknown, and the remarks from Sony that the databases have been physically relocated to a more secure location makes me wonder whether the attack occurred merely through a network connection. I can only speculate. Sony and the FBI are in all likelihood privy to the specific details of the last attack, and if another attack occurs, the authorities will more likely than not be able to obtain enough information to locate the parties responsible and keep them from ever using computers again.

    Theft is no way to teach a corporate entity a lesson about consumer rights, and it is no way for these people to waste their talent. We’ll see soon enough whether or not their crimes pay off.

    #17 4 years ago
  18. mojo

    wow, that wuld be massively epic..
    seriously if they *once again* successfully wipe the network sony realy fucked things up big time.

    #18 4 years ago
  19. OrbitMonkey

    @16 These rumours are going to dog the ps3 to the end. Hell, bored MS exec’s are probably thinking up juicy new ones right now -_-

    #19 4 years ago
  20. azmza

    So how much microsoft paid to hackers to do this ?!.

    #20 4 years ago
  21. TheWulf

    Oh Gods, this’ll be good…

    So! Let’s do something fun with this. Betting pool: How many terrorist/conspiracy theories will arise from the potential second bored hacker to try their hand against Sony’s security? 5? 500?

    #21 4 years ago
  22. TheWulf

    @2

    Saying that the hacking community are all responsible for this is like saying that all gamers are wife-beating misogynists. Most hackers are either working for security firms to make your life better, or doing it as a harmless hobby.

    If you want to paint broadly with fallacious generalisations, prepare to have the same directed back at you.

    #22 4 years ago
  23. Robo_1

    I’m calling bullshit on this.

    The network has been down, so presumably that means it’s been disconnected from the internet, so how in the hell do they still have access to Sony’s servers, and maintained access whilst three security firms have been conducting forensic analysis.
    On top of that, when everything comes back, presumably all personal data is going to be encrypted, so they shouldn’t be able to post anything which resembles actual data.

    I think this is someone just rattling the cage. If CNET are citing IRC channel’s as credible sources then that’s pretty funny, as there’s nothing stopping me (or anyone else) from logging on and claiming the same.

    Also, this made me laugh:

    “A group of hackers says it is planning another wave of cyberattacks against Sony in retaliation for its handling of the PlayStation Network breach.”

    So in retaliation for Sony’s handling of hackers breaking in and stealing private info, these hackers are going to break in and post private info????

    Pure lol, they’re criminals, and that they’re posting this sort of BS as their justification, only reinforces that fact.

    #23 4 years ago
  24. TheWulf

    @23

    Could be someone on the inside, unfortunately. :| Seriously, this should stop now that Sony has finally pulled their pants up. (Shame it took someone pointing out that their pants were down for them to do that.)

    #24 4 years ago
  25. NightCrawler1970

    There is a way to boot up a server that is offline(under standby mode), just to wake the server up, it called “wake-up by LAN”.. most Intel and i think also AMD mainboards have that feature, to remote access and wake up that server and that server start to boot up till(windows i guess) or in linux, and the hacker can penetrate the server again, in this case downloading more credit-debit cards to his/her mem-stick…my PC have that feature but i disable it…

    #25 4 years ago
  26. Robo_1

    If it’s an inside job (and you’re right, it could be) then hypothetically, I’d image there’s a clearer trail of bread crumbs to follow back, as I imagine that somebody on the inside would be abusing their login info/insider knowledge to gain access, rather than brut forcing the server.

    Sony did let a lot of SOE staff go recently, so it’s not the biggest stretch of the imagination to suggest the attacker could be a seriously disgruntled ex-employee, using their knowledge of the network to exact a costly revenge for being sacked. Throw in an Anonymous file and deflect the blame.

    As far as I know though, Anonymous already exposed a lot of information regarding the location and set up of Sony’s servers, so I think it’s more likely that when that much information was exposed, a far more nefarious hacker/hacker group used that information to stage this attack.

    I believe whoever did this, did it with criminal intent, not as a form of protest. A protest would have been taking down sony.com and replacing it with the metldr key or something like that, not fucking up millions of peoples personal identity, and turning people against your cause.

    #26 4 years ago
  27. Christopher Jack

    @22, You’re wrongly interpreting my words yet again.
    Did you even read my last sentence or you’re just guessing your way through my post then prematurely responding? It’s clear that I’m referring to malicious hackers, not ones that screw around their own OS for the lulz or programmers (Which use hacking techniques but doesn’t necessarily make them malicious hackers).

    #27 4 years ago
  28. Freek

    @22, Well said.
    This whole thing is getting verry silly.

    Are we still bringing up Geohotz? And somehow blaming jailbreaking consoles?
    Every bitt of electronics released get broken open mere months after release. DS, Xbox 360, Wii.
    Non of that effects their network security and as much as publishers bitch about piracy it’s still a drop in the ocean of sales. It diden’t prevent the Wii and 360 from becomming the most popular and proffitable hardware platforms on the market.

    #28 4 years ago
  29. DrDamn

    @24
    Some of the statements Sony made initially were worded quite strangely talking about physical security measures which alluded to the possibility of an inside job. I thought it was odd at the time.

    @The Story
    This wasn’t even witnessed by CNET representatives, it’s a source who said they saw something and reported it to them without further back-up to the story.

    “Apparently claiming to have access to Sony servers even now, the hackers reportedly intend to publish information retrieved in the upcoming attack, and will target user’s personal data, including credit card details.”

    Came from …

    “The people involved plan to publicize all or some of the information they are able to copy from Sony’s servers, which could include customer names, credit card numbers, and addresses, according to the source.”

    Could contain CC numbers is now something they are definitely targeting?

    #29 4 years ago
  30. Christopher Jack

    “in retaliation for Sony’s handling of hackers breaking in and stealing private info” Well the root key was private info & the backlash from Sony’s reactions caused the DDoS attacks & the network breach. Who gives a flying fuck what their movies are, doesn’t excuse their actions.

    #30 4 years ago
  31. Blerk

    Hmm. No evidence either way, so I’m calling ‘hot air’.

    #31 4 years ago
  32. thebaronvp

    Honestly, this sounds like a load of BS.
    FBI and Homeland Security are already on the case, I doubt even stupid kids would attempt another hack now, let alone criminals.. those people know when it’s time to lay low.

    So in my opinion it could be one of the following:
    1)They need more time to fix the PSN and this is a good way to buy more time or
    2)There is no hack going on, it’s all a make believe to show how uber and powerful the improved security is “look, this time they couldn’t get in, thanks to our super security!”

    Then maybe they’re going to arrest the hackers responsible for the previous hack, because it could very well be that they have been identified already.

    International borders do not offer much protection on an attack of this magnitude, I can’t believe that “hacktivists” or criminals who’re in it for the money would attempt another hit now.

    #32 4 years ago
  33. Gekidami

    ^ Tinfoil hat at the ready.

    #33 4 years ago
  34. thebaronvp

    Tinfoil hat, sure.
    I offered an explanation to show why it doesn’t really sound believable that they would attack again while FBI and Homeland Security (not exactly some yellow pages P.I.), would you care to explain why you think it is believable they would? :)

    #34 4 years ago
  35. Ireland Michael

    This article is nothing more than cheap tabloid piece intended to illicit a specific response out of people to increase exposure and traffic through propaganda journalism.

    The source of this news story is incredibly weak.

    Reading VG247 lately is like reading the Daily Mail, which is why I can barely be bothered to click the link to the place anymore. With brainless twits like TEA shitting up nearly ever thread again, that’s probably a good thing.

    Its been fun, but with dozens of people losing their homes here in Illinois, being without homes and shelter, I honestly find it really, really hard to give two shits about the status of an online gaming network.

    Peace.

    #35 4 years ago
  36. Stoopid_Snot

    @5
    hahaha you made my day…. Russian Mafia and Eastern European countries…
    LOL
    anyway by attacking an International co. does this not mean that it will be international law breach, not only a breach of whatever countries Sony is based in

    #36 4 years ago
  37. frostquake

    At this point, all hackers would be doing with a 3rd attack on Sony, is Sealing their FATE with the Consumers massive HATRED!

    I keep seeing ppl saying, “Well Sony BRAGGED about their security, so they were ASKING for it!”

    True NO ONE likes a BRAGGER, but that still doesn’t give them the Right to attack SONY, and it wasn’t like CONSUMERS on FORUM boards were bragging, but yet they attacked the CONSUMER!

    HYPOTHETICAL SITUATION:
    Just because MAX BRAGS on and on and on that he is going to LIVE to a ripe age of 104, doesn’t give anyone the right, to take a GUN and go out to his house and shoot him in the HEAD and KILL him at the AGE of 19, and then say..”Well he deserved it, he was bragging about how long he was going to live!!”

    And if I follow along the lines of the HACKERS line of Thinking, instead of SHOOTING Max in the HEAD, they SHOOT all of his FAMILY members in the HEAD, but Leave MAX alone!!

    Sorry ANON, saying consumers are Merely causalities of your War and then saying out of the other end that you are doing it for the consumers, tells me you are in it for yourselves and not the Consumers you hurt!

    REMEMBER ANONYMOUS:

    WE ARE CONSUMERS
    WE ARE LEGION
    WE DO NOT FORGIVE
    WE DO NOT FORGET
    YOU SHOULD HAVE EXPECTED THIS!

    #37 4 years ago
  38. Blerk

    I don’t think the people who did this hack were doing it “for the consumer’s rights”, they were just fucking Sony about for fun.

    Bringing the network down again as soon as it comes back up would be the holy grail though, I’d be surprised if they don’t come under attack very quickly – can you imagine the embarrassment if they brought it down again within days?

    In theory Sony should’ve done their job properly this time, though. Unless there’s an insider they should be okay, in theory.

    #38 4 years ago
  39. Iliad

    If Anonymous are truly not behind this attack like they claim then they would do themselves some serious good PR by using their obvious talents to help find the malicious people behind it and report them to the authorities. Not only to clear their own name, but to salvage some respect with the consumer that’s been the most hurt by this cyber attack on Sony.

    If Die Hard 4.0 taught us anything, it’s that hackers know other hackers… and one of them surely has an idea who might be behind it.

    #39 4 years ago
  40. OlderGamer

    I agree with a couple of you guys(G1GA and Robo) Just saying they will attack again should be enough to cause panic and have people pulling their CC/personal info from the PSN systems. Maybe even canciling their accounts.

    Sony is giving away a month of PSN+ as much in my mind to keep users from pulling said info and closing said accounts.

    This announcment looks to undermind that effort.

    #40 4 years ago
  41. strikkebil

    if PSN goes down again this weekend(if it goes live that is) its over for the PS3. and NGP and SONY.

    #41 4 years ago
  42. Kerplunk

    In light of this rumour I wonder how many people are ready to point the finger at Sony all over again and are still doing absolutely nothing about their own responsibility for their own data security.

    After all, if this is to be considered a warning to Sony, it’s a warning to consumers as well. Are they going to heed that warning or just do nothing?

    There’s a lot people can do to look after themselves. Sitting around placing blame isn’t one of those things.

    #42 4 years ago
  43. DrDamn

    @40
    It’s hardly an “announcement” is it? It’s a dubious, unconfirmed, unverified rumour.

    #43 4 years ago
  44. OlderGamer

    Ok then not announcment. But more in terms of whomever started this rumour, seems to me to be aiming it at undermining Sonys efforts to welcome back users once PSN comes back up.

    But whomever started this rumour, did so intend it as an announcment, imo.

    Thats what I meant.

    #44 4 years ago
  45. DrDamn

    A side point, which blows holes in that argument, is that the attack according to CNET (the source of this article) is to be on Sony’s Website – not PSN. Something not clear from this article at all.

    #45 4 years ago
  46. OlderGamer

    Good point Doc.

    #46 4 years ago
  47. Kerplunk

    @45 It’s just FUD. People will see what they want to see.

    #47 4 years ago
  48. biocane

    But in the end did we understand where VG247 got that wrong April 16 date?

    #48 4 years ago
  49. G1GAHURTZ

    Let’s wait and see if it turns out to be true.

    #49 4 years ago
  50. frostquake

    @ G1GA
    @Kerplunk
    No way will I ever wait to see if it is true. All waiting got me, was a service I couldn’t sign into to delete all my stuff!!

    Its like when they Predict a Tornado here, we don’t wait to see if it will happen, we get prepared and bunker down..better to be safe then sorry!

    Though in this Case…there is NOTHING I can do, because I can’t do anything with my account! LOL

    Kerplunk, actually that is all we can do now, until the service comes back up. And, they do need it to be up for a couple of days, because not everyone can stop working, sleeping and other daily activities to sign in and change their PSN accounts. Doing it for 3 hours and then taking it down again, will accomplish nothing!!

    #50 4 years ago
  51. TheWulf

    I really hope that a second attack doesn’t happen though, to be honest.

    I was against Sony suing GeoHot because in all fairness, he was just a hobbyist hacker A) showing them where the holes in their security were, and B) giving people back a feature they purchased at launch. I’m okay with that, I’m a rights activist so that’s something I can get behind.

    I realise that that’s something that not many people will understand. That’s cool too.

    The second attack was a good thing. It proved what I’d feared all along, that as GeoHot had spotted, Sony’s excuse for security was fairly piss poor. They didn’t take it seriously. They were walking around with their pants down. If anything, the second attack taught people that you shouldn’t have complete faith in a corporation like Sony (this is good knowledge to have), and it pointed out to Sony that their pants were down.

    What some of you may not realise is that this could have been a lot, lot worse. If it was some bored hacker kid like I think it was, then all that’s happened here is that Sony are now aware of the holes, but no one’s in any real danger. Best case scenario, that is, think about it.

    The SOE thing though was more criminal act, I don’t think that was anonymous, but it was a group of people with such intent looking to snatch and run with some CC info. This was bad on the one hand, and I don’t think that any CC info should’ve been taken, that’s horrible, but at least it pointed out to Sony once again that their pants are down.

    Sony may start taking security more seriously from now on.

    Give it a few months before probing their security again, guys. I mean, having another go at them this soon if anyone is really going to is just malicious. Let them get their feet, sort everything out, and if their security is still lax then show them. But to attack them before they’re on their feet again, that doesn’t serve any purpose whatsoever.

    That’s my thoughts on this, anyway. As otherworldly as they may seem to some people.

    #51 4 years ago
  52. Gekidami

    @34
    I dont think its believable hackers would perform another attack. Though rather then conclude that its all an evil plan by Sony like you did, i’ll go with a more down to earth explanation; This news, along with its source is BS.

    #52 4 years ago

Comments are now closed on this article.