Sophos

Talk to our experts

Find your local press contact

Resources

Sophos blogs

Info feeds

What are info feeds?

2 July 2008

Visitors to Sony PlayStation website at risk of malware infection Hackers use SQL injection and scare tactics to grab consumers' credit card details

Researchers at IT security firm Sophos have warned lovers of video games that pages on the US-based Sony PlayStation website have been compromised by hackers.

Experts at SophosLabs™ have discovered that cybercriminals have successfully used an SQL injection attack to plant unauthorized code on pages promoting the PlayStation games "SingStar Pop" and "God of War".

SingStar Pop
One of the webpages on Sony PlayStation's US website that has been compromised by hackers.

At the time of writing the hacker's code attempts to dupe web surfers by running a fake anti-virus scan and displaying a bogus message that their computer is infected with a variety of different viruses and Trojan horses.

Bogus security warning
After pretending to scan your computer for malware, a bogus security warning is displayed.

The hackers' aim is to scare unsuspecting computer users into purchasing a bogus security product. Sophos warns, however, that it would be trivial for the hackers who have compromised the webpages to alter the payload so that it became more malicious, and installed code designed to turn Windows PCs into a botnet or to harvest confidential information from users.

"There are millions of video game lovers around the world, many of whom will visit Sony's PlayStation website regularly to find out more about the latest console games. Most would never expect that surfing to a website like this could potentially infect them with malware. If users do not have sufficient protection in place then they might find that before they know it they have been scared into handing their credit card details over to a bunch of cybercriminals," said Graham Cluley, senior technology consultant for Sophos. "It is essential that all websites, especially when they are high profile like this or receiving a large level of traffic, have been properly hardened to prevent hackers from injecting malicious code on to what should be legitimate webpages."

Sophos customers are automatically protected against the threats (which Sophos identities as Troj/Iframe-AG and Mal/Badsrc), and users of other vendors' products are advised to update their software.

SophosLabs have informed Sony of the problem on their website, which at the time of writing is still present.

Update 3 July 2008: The Sony PlayStation website is no longer infected. Learn more in "Sony PlayStation - Revisted" on the SophosLabs blog.

Download Free virus scan
Download the Threat Detection Test
  • Free virus, spyware, and adware scan
  • Test your existing anti-virus protection
  • Find threats your anti-virus missed

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.

See also: