News was released today the Sony Playstaion site has fallen victim to hackers who targeted the site in an attempt to engineer credit card number and other personal data from gamers.
The Playstaion site that was hit was in the US, and targeted pages promoting PlayStation games such as SingStar Pop and God of War. The malware attack worked by running a fake antivirus scan on users computers, later prompting them to purchase phoney antivirus software in order to solve the inevitable problem it detected.
Insecurity firm Sophos said that the criminals behind the scam had used an SQL injection vulnerability to add unauthorised code to pages.
Talking of the scope of the attack Graham Cluley, from Sophos stated that “There are millions of video game lovers around the world, many of whom will visit Sony’s PlayStation website regularly to find out more about the latest console games.”
He went on to say that “Most would never expect that surfing a website like this could potentially infect them with Malware…It is essential that all websites, especially high profile ones like this, have been properly hardened to prevent hackers from injecting malicious code into legitimate web pages.”
