PlayStation Website Hacked

Hackers have reportedly infiltrated Sony’s U.S. PlayStation website in an attempt to gain credit card information from unsuspecting users. Sophos, a computer security and anti-virus company, claims hackers have inserted code into Sony’s SingStar Pop and God of War pages on the PlayStation site that display false messages telling users their computers have been infected with spyware and viruses, and offering them a link to download “Antispyware” software.

Sophos said the intent is to scare users into buying “bogus” security software, but added, “It would be trivial for the hackers who compromised the webpages to alter the payload so that it became more malicious, and installed code designed to turn Windows PCs into a botnet or to harvest confidential information from users.”

“There are millions of video game lovers around the world, many of whom will visit Sony’s PlayStation website regularly to find out more about the latest console games. Most would never expect that surfing to a website like this could potentially infect them with malware,” said Graham Cluley of Sophos. “If users do not have sufficient protection in place then they might find that before they know it they have been scared into handing their credit card details over to a bunch of cybercriminals. It is essential that all websites, especially when they are high profile like this or receiving a large level of traffic, have been properly hardened to prevent hackers from injecting malicious code on to what should be legitimate webpages.”

As of 3PM EST I am not detecting any further problems with either site..Sony has fixed it. Nonetheless, it just goes to show you any site is vulnerable and you must be cautious. Use Firefox 3 and good anti-virus (Norton and McAfee suck).