Official PlayStation site hacked, says IT company Sophos

by Andrew Yoon { Jul 2nd 2008 at 3:00PM }

The official US websites for SingStar Pop and God of War have been hacked, according to IT company Sophos. When visitors clicked onto the PlayStation site, they may have been greeted by a pop-up ad that claims viruses have been found on their computer. The scare tactic tries to trick people into buying anti-spyware software, and requires a visitor's credit card number.

According to Sophos, the hack was implemented through a "SQL injection attack" and according to the company, "the website is still infected." However, personal visits to the PlayStation sites on our browser (Firefox 3) have not turned up anything suspicious.

[Via Next-Gen]

Tags: hack, playstation, sophos, sql-injection

Reader Comments (Page 1 of 1)

reson8er @ Jul 2nd 2008 3:10PM

God of War I can understand as it must generate a little traffic.

But Singstar Pop? These hackers fail.

Strike Man @ Jul 2nd 2008 3:48PM

If anything, I would think whoever "hacked" the site would have a greater chance of getting viewers to click on the "zomg! u hav a virisis!!!" links on a SingStar website than a God Of War one.

I know I'm really generalizing here, but SingStar is a title that attracts gamers and non-gamers alike who enjoy karaoke. God of War is geared almost strictly at the hardcore gamer crowd. Out of the two demographics, which would you believe is more likely to fall for a fake security warning or phishing scam?

(Apologies in advance to the SingStar fans who are computer literate and web savvy).

mint400 @ Jul 2nd 2008 4:38PM

apology accepted.

BlackFreefall @ Jul 2nd 2008 3:10PM

Wow Andrew, you and the rest of the PS3 bloggers are in tip top shape when comes to posting information.

Dehshizknight @ Jul 2nd 2008 5:13PM

Aren't they always?

His journalistic talent really shows on the PSNation podcast though.

thinkofmeasmra @ Jul 2nd 2008 3:11PM

With SQL server injection attacks being the pretty well the number 1 method for attacking sites, why is it this method still works seemingly effortlessly. You think 7 months back or whatever when that big financial company was hacked , allowing the hacker access to 100-someodd MILLION credit card numbers you think SQL inject attacks would be properly defended against....guess not...

Lavat @ Jul 2nd 2008 3:15PM

I would give it a day or two before going back on the PS site. I know I will.

djpenny1 @ Jul 2nd 2008 3:21PM

nothing pop up on my ps3

Eggy @ Jul 2nd 2008 3:51PM

Ha. And thus some obscure site creates traffic for themselves.

The Aggie CEO @ Jul 2nd 2008 3:57PM

I got nothing........

seedaripper1973 @ Jul 2nd 2008 4:51PM

personally i hate these f*Ck!ng c*nt$! as if any company should be allowed these underhand tactics is beyond me...its not difficult to find out who does it as you instantly go to their website??why not just close them down and sue???everytime some fU*k with this viral marketting bU!lshit comes along..close them down...i have to re-install my comp every couple of weeks because of this $h!t!...
as IF i would EVER buy their software after they deliberately virus my comp??? any d!Ck that does is exactly what it says on the tin...hope they d!e...SLOWLY

JayFight @ Jul 4th 2008 4:50AM

actually i don't think their a real company i think it's hackers who create a virus a phonie web page and then hack another site so that your automatically sent to theirs instead and it scares people into buying their "antivirus" and so they then have the credit card numbers which they then drain bank accounts and such