Sony being sued. Could loose Billions.

Seems the DOD does not like Sony.
boards.ign.com...

Read [link=http://translate.google.nl/translate?js=n&prev=_t&hl=nl&ie=UTF-8&layout=2&eotf=1&sl=nl&tl=en&u=http%3A%2F%2Fwww.psx-sense.nl%2F46008%2Fplaystati on-network-log-van-de-hacker-leaked%2F]here[/link]

I hope this doesn't get locked, because if Sony's security is really this terrible, it deserves it's own thread.

The website takes awhile to load so I'll just post it here:

[image=http://www.psx-sense.nl/plaatjes_2011/img_4db7364c22be0.jpg]

Above is a screenshot of their PSN servers access logs. This log is created on the main server of the PlayStation Network. Likely many of you have no idea what exactly a log would be. Sony itself has this log file are also publicly retrievable through the URL. Mistake number two, perhaps? Here also some interesting logs:

214.1.211.251 - - [15/Apr/2011: 9:40:11 -0700] "GET / OfficeScan / cgi / cgiChkMasterPwd.exe HTTP/1.1" 404 336 "-" "-"

178.202.110.92 - - [22/Apr/2011: 7:05:00 p.m. -0700] "GET / admin / cdr / counter.txt HTTP/1.1" 404 343 "-" "Mozilla/5.0 (compatible; Windows NT 6.1, de; rv: 1.9.2.16) Gecko/20110319 Firefox/3.6.16 "

214.1.211.251 - - [15/Apr/2011: 9:40:09 -0700] "GET / _vti_bin / fpcount.exe? Page = default.htm | Image = 3 | Digits = 15 HTTP/1.0" 404 325 "- "" - "

214.1.211.251 - - [15/Apr/2011: 9:39:51 -0700] "GET / scripts / foxweb.exe / HTTP/1.0" 404 324 "-" "-"

214.1.211.251 - - [15/Apr/2011: 9:39:48 -0700] "GET / phpwebfilemgr / index.php? F =../../../ etc / services HTTP/1.0" 404 328 " - "" - "

What we see here again include the use of an FVC, local file inclusion, in the last row. With this is that the ip 214.1.211.251, this is possibly the IP of the attacker. Nor has a number of Javascript injections occurred:

214.1.211.251 - - [15/Apr/2011: 9:39:49 -0700] "GET / board.php? FID = alert (document.cookie) HTTP/1.0" 404 314 "- "" - "

214.1.211.251 - - [15/Apr/2011: 9:39:38 -0700] "GET / servlet / webacc? User.id ="> alert ('eeye2004') HTTP/1.0 " 404 319 "-" "-"

214.1.211.251 - - [15/Apr/2011: 9:39:30 -0700] "GET / modules.php? Name = Reviews & rop = post & title =% 253cscript comment> alert 2528document.cookie%)% 253c/script> HTTP / 1.0 "404 316" - "" - "

It is frightening to know that Sony is so easy to hack, because come on Sony, FVC and Javascript injections? Really? This looks like the work of a 14 year old boy. Thanks to SKFU Blog for the announcement of the log.

214.1.211.251 is DOD network.

bgp.he.net...

www.stuff.co.nz...

Personal information and credit card numbers stolen from Sony's PlayStation Network in one of the world's largest privacy breaches are reportedly being offered for sale on underground internet forums.

Potential victims are being warned that they will have to be on their toes for some time to come.

Kevin Stevens, senior threat researcher at the security firm Trend Micro, was one of several experts who told The New York Times that he had seen talk of the hacked database on several hacker forums.

The researchers said the attackers were hoping to sell a database that included Sony customer names, addresses, usernames, passwords and millions of credit card numbers.

The credit card list alone was listed for upwards of $ 135, 000 and the hacker had allegedly offered to sell the database to Sony, however, did not receive a response.

www.washingtonpost.com... business

Kevin Stevens, a security researcher from the security firm Trend Micro, said on Twitter that he’d seen the posts, which also advertised credit card verification numbers— information Sony has said was definitely not obtained by hackers.

The hackers that hacked PSN are selling off the DB. They reportedly have 2.2 million credits cards with CVVs #psnhack
Thu Apr 28 15:26:31 via TweetDeck
Kevin Stevens
killercube

Stevens said that, without seeing the data, he didn’t know if the hackers were lying about what information they’d obtained
.

t seems that the source of some of the rumors is Kevin Stevens, a senior researcher at security firm Trend Micro. He told The New York Times that he has seen discussions about the supposedly stolen database on hacker forums. Apparently hackers are claiming to have a copy of the database and are asking for a price “upwards of $100,000.”

“It is not a rumor, it was a conversation on a criminal forum. I never saw the DB so I can’t verify if it is real,” Stevens said in one of his tweets.

There’s more, though. Screenshots from “underground” message boards supposedly frequented by the hackers have been surfacing as well. We’ve seen these screenshots posted by security blogger Brian Krebs and on the PSX-Scene forums. One of them even describes the supposed format of the PSN credit card database, which includes credit card numbers, card security codes and expiration dates.

Sony has previously claimed that there is no evidence that credit card data was stolen, but that it couldn’t rule out the possibility. “If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained,” the company warned in blog post on Tuesday.

So far, there is no confirmation that credit card information has been stolen, that the PSN database is real or that the hackers are trying to sell it. Yet the mere possibility that 2.2 million credit cards could be sold to the highest bidder is an alarming and frightening possibility. Sony is working with the Federal Bureau of Investigation on the matter, but there’s no telling how long it will take them to track down the perpetrators of the attack
Link with pictures showing hackers in conversation.
mashable.com...
.
edit on 29-4-2011 by shikori because: (no reason given)
edit on 29-4-2011 by shikori because: (no reason given)



Now, though, MSNBC is making headlines with an article that starts off saying that some 2.2 million credit card numbers stolen from the PSN are being shopped around. The story stems from a Twitter post by Kevin Stevens of Trend Micro, a purveyor of Internet security software, which said that cybercrooks were claiming to have the accounts, including first name, last name, address, zip code, country, phone, email, email password, date of birth, credit card number, expiration date, and three-digit security code. That account was backed up by screenshots from a forum by Independent security blogger Brian Krebs. www.gamespot.com...

Sonys problems keep growing.

www.ft.com...

Please respect FT.com's ts&cs and copyright policy which allow you to: share links; copy content for personal use; & redistribute limited extracts. Email [email protected] to buy additional rights or use this link to reference the article - www.ft.com...


It said that at around the same time that one or more hackers broke into the larger PlayStation Network for console gamers, there was a similar breach at the PC service.

Names, e-mail addresses, home addresses and phone numbers for 24m users were stolen, and a database from 2007 was also compromised, exposing more than 12,000 debit and credit card numbers and more than 10,000 debit transaction records from Austria, Germany, Netherlands and Spain.

The Japanese electronics group is still discovering fresh attacks, according to people close to the company, but a spokeswoman said the latest decision to close the Online Entertainment System related to the discovery of a previous breach rather than a second attack.

The move stunned gamers and showed that Sony is still struggling to understand the extent of the flaws in its technology defences nine days after it took down the PlayStation service.