 |
|
Press Releases
Hackers use SQL injection and scare tactics to grab consumers' credit card details Singapore, 3 July 2008 -- Researchers at IT security firm Sophos have warned lovers of video games that pages on the US-based Sony PlayStation website have been compromised by hackers. Experts at SophosLabs™ have discovered that cybercriminals have successfully used an SQL injection attack to plant unauthorised code on pages promoting the PlayStation games “SingStar Pop” and “God of War”. At the time of writing the hacker's code attempts to dupe web surfers by running a fake anti-virus scan and displaying a bogus message that their computer is infected with a variety of different viruses and Trojan horses. The hackers’ aim is to scare unsuspecting computer users into purchasing a bogus security product. Sophos warns, however, that it would be trivial for the hackers who have compromised the webpages to alter the payload so that it became more malicious, and installed code designed to turn Windows PCs into a botnet or to harvest confidential information from users. “There are millions of video game lovers around the world, many of whom will visit Sony's PlayStation website regularly to find out more about the latest console games. Most would never expect that surfing to a website like this could potentially infect them with malware. If users do not have sufficient protection in place then they might find that before they know it they have been scared into handing their credit card details over to a bunch of cybercriminals,” said Graham Cluley, senior technology consultant for Sophos. “It is essential that all websites, especially when they are high profile like this or receiving a large level of traffic, have been properly hardened to prevent hackers from injecting malicious code on to what should be legitimate webpages.” Sophos customers are automatically protected against the threats (which Sophos identities as Troj/Iframe-AG and Mal/Badsrc), and users of other vendors' products are advised to update their software. Learn more details about the attack on the Sony PlayStation website on the SophosLabs blog: http://www.sophos.com/security/blog/2008/07/1540.html SophosLabs have informed Sony of the problem on their website, which at the time of writing is still present. About Sophos: Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications. Sophos is headquartered in Boston, US and Oxford, UK. More information is available at http://www.sophos.com Notes: Sophos makes available free, constantly updated information about the latest malware and security news via a series of RSS feeds. Visit http://www.sophos.com/feeds for more information Notes: Free anti-virus protection is available for journalists. For more information on applying for this service, please visit: http://www.sophos.com/pressprotection Media Contacts: Tony Tan Manning Selvage & Lee Worldwide Communications Tel: (65) 9048 6981 E-mail: Submitted by TonyTan@MS&L, Manning Selvage & Lee on Thursday, 3 July 2008 at 11:02 AM Category: Enterprise Technology |
|
|
 |
|
Scoopasia v1.0b. Copyright © 2008
Today is Wednesday, 19 November 2008 |
Want to get your press releases, event listings, and job ads on Scoopasia? 
| Journalist's Toolbox |  |
|
Hello journalist, welcome to Scoopasia--a powerful online resource for media information in Asia. Scoopasia has press releases and media events for every beat and industry. All content on Scoopasia is 100% FREE. You don't even need to login!
(Instant Information Request) The easiest way to ask questions and request information from the PR community. Drill down, dig deep, for media information the way you want it. Resources and tools you can't do without. | |
| PR Tools |
|
Scoopasia Blog Search
Search the largest handpicked collection of Asia's most prominent and influential blogs. |
| Resources |
|
More Coming Soon... |
