1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Big Sony hack again today

Discussion in 'BlackHat Lounge' started by dvdgangster, Jun 2, 2011.

  1. dvdgangster

    dvdgangster Junior Member

    Joined:
    Oct 18, 2009
    Messages:
    102
    Likes Received:
    52
    More bad new for sony, am sure that list could be easily monetized by some here

    Loads of private info just leaked by

    We recently broke into SonyPictures.com and compromised over 1,000,000 users'
    personal information, including passwords, email addresses, home addresses,
    dates of birth, and all Sony opt-in data associated with their accounts.
    Among other things, we also compromised all admin details of Sony Pictures
    (including passwords) along with 75,000 "music codes" and 3.5 million "music coupons".

    Due to a lack of resource on our part (The Lulz Boat needs additional funding!)
    we were unable to fully copy all of this information, however we have samples
    for you in our files to prove its authenticity. In theory we could have taken
    every last bit of information, but it would have taken several more weeks.

    Our goal here is not to come across as master hackers, hence what we're about
    to reveal: SonyPictures.com was owned by a very simple SQL injection, one of
    the most primitive and common vulnerabilities, as we should all know by now.
    From a single injection, we accessed EVERYTHING. Why do you put such faith in
    a company that allows itself to become open to these simple attacks?

    What's worse is that every bit of data we took wasn't encrypted. Sony stored
    over 1,000,000 passwords of its customers in plaintext, which means it's just
    a matter of taking it. This is disgraceful and insecure: they were asking for it.

    This is an embarrassment to Sony; the SQLi link is provided in our file contents,
    and we invite anyone with the balls to check for themselves that what we say
    is true. You may even want to plunder those 3.5 million coupons while you can.

    Included in our collection are databases from Sony BMG Belgium & Netherlands.
    These also contain varied assortments of Sony user and staffer information.

    Follow our sexy asses on twitter to hear about our upcoming website. Ciao! ^_^
     
    • Thanks Thanks x 3
    Last edited: Jun 2, 2011
  2. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,802
    Likes Received:
    6,370
    Home Page:
    Sony are useless, I thought they sorted all the security holes? -they spent a month tightening everything up didn't they ?
     
  3. Narrator

    Narrator Power Member

    Joined:
    Oct 5, 2010
    Messages:
    507
    Likes Received:
    396
    Occupation:
    Internet Marketing
    Location:
    /dev/null
    I don't know... I find it a little hard to believe they store the passwords in plain text.
     
  4. moneymachine01

    moneymachine01 Regular Member

    Joined:
    Sep 2, 2009
    Messages:
    339
    Likes Received:
    75
    If it wasn't for POS hackers like these guys we wouldn't have to worry about it. They should all be burned at the stake.
     
  5. dvdgangster

    dvdgangster Junior Member

    Joined:
    Oct 18, 2009
    Messages:
    102
    Likes Received:
    52
    i checked the text out and the login info is 100% legit
     
  6. Mokodoki

    Mokodoki Regular Member

    Joined:
    Feb 26, 2011
    Messages:
    217
    Likes Received:
    354
    Occupation:
    Graphic Artist | Fulltime Student
    Only on certain fronts. You have to remember how vast of an empire Sony has--it has websites and systems set up globally across many different fields of interest.

    Right now, Sony is basically being used as the hacking world's biggest security test. Everyone wants a piece of that action. :rolleyes:

    So while their US website and PSN service is secured, there's a lot of other facets of their operation that isn't and that's what the hackers are going after now.
     
  7. syngenetic

    syngenetic Guest

    Can you link me to the source? I feel bad for Sony.

    OH AND THIS IS WHY XBOX 360 IS BETTER! :)
     
    Last edited by a moderator: Jun 2, 2011
  8. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,802
    Likes Received:
    6,370
    Home Page:
    Poor b****rds!
    Still, as big as you are, you should be able to deal with issues proportionately. It may be a naive comment, but I often think that as companies get larger they spend proportionately less and less on internal maintenance in favour of bigger profits.

    It's probably just jealousy talking though:)
     
  9. Mokodoki

    Mokodoki Regular Member

    Joined:
    Feb 26, 2011
    Messages:
    217
    Likes Received:
    354
    Occupation:
    Graphic Artist | Fulltime Student
    Don't feel too bad for them. The reason Sony is under fire is because of their poor business practices and pissing off their customer base to the point of mass retaliation. I've owned Sony systems my entire life and am totally disgusted by how out of touch they are with the people buying their products. :rolleyes:
     
  10. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,802
    Likes Received:
    6,370
    Home Page:
    Gave up gaming after ff7 -nothing else could compare:)
     
    • Thanks Thanks x 1
  11. syngenetic

    syngenetic Guest

    Agreed. And people continue to ask me why I've had a Xbox Live $50 membership for the past 5-6 years.
     
  12. blackma

    blackma Power Member

    Joined:
    Jul 9, 2009
    Messages:
    795
    Likes Received:
    860
    Occupation:
    Blackhat Marketer (Full Time)
    Location:
    yendyS
    Home Page:
    What an embarrassment for Sony! Even the big guys get hacked sometimes huh?
     
  13. dillfly2000

    dillfly2000 Junior Member

    Joined:
    May 4, 2010
    Messages:
    120
    Likes Received:
    75
    Occupation:
    I've paid my dues, I deserve free money!
    Location:
    3 of 2 places
    Home Page:
    I feel sorry for the people at sony having to deal with all this bs, i mean they must be pulling their hair out.

    On the plus side, the Playstation Store is back up, time to get some "3D ready" games :D
     
  14. JesusBack

    JesusBack Executive VIP Premium Member

    Joined:
    Sep 15, 2010
    Messages:
    1,159
    Likes Received:
    1,284
    Occupation:
    Almost done :D
    Location:
    {calm|cool|collected}
    Funny thing is that 50% of the new hack reports are by sony competitors.
     
  15. zebrahat

    zebrahat Elite Member

    Joined:
    Aug 6, 2008
    Messages:
    2,351
    Likes Received:
    2,891
    Meanwhile, the hackers responsible must be having their best day ever, not merely because of a successful hack, but because of the timing. Wait until all the clamor had come down about the previous hack, and all the corporate assurances had been made, and circulated widely---then BOOYAH, hit Sony again! "Ha, ha, suits! Thought you got rid of us, huh? Next time, you'd best bring some kryptonite!"
     
  16. dizz

    dizz Elite Member

    Joined:
    May 19, 2009
    Messages:
    2,068
    Likes Received:
    1,775
    Occupation:
    This... AND MORE!! :D
    Location:
    Texas
    The only encrypted data that sony keeps will probably be unreleased music, or movies, whatever.... And the only reason I know this is because I used to work as a sound engineer for Sony... used to.. LOL :D
     
  17. Supernoob

    Supernoob Regular Member

    Joined:
    Jul 9, 2010
    Messages:
    202
    Likes Received:
    59
    Location:
    United Kingdom
    If I ever use anything Sony im registering with a username starting with "x" that way hopefully the hackers will give up as ill be at end of user list - Or they get cut off.
     
  18. Krazie

    Krazie Jr. VIP Jr. VIP Premium Member

    Joined:
    Aug 27, 2009
    Messages:
    266
    Likes Received:
    197
    Home Page:
    I usually start at the bottom of a list and work my way up. That way if it's a list that has been circulated you have a better chance of grabbing something at the bottom than the ones already being hit at the top ;)
     
  19. thevil

    thevil Junior Member

    Joined:
    Aug 17, 2010
    Messages:
    190
    Likes Received:
    189
    Sony should have never went after George Hotz. BMG isnt innocent either with hiring these pay or else copyright extortionists. It was essentially the building block of the attacks against them. Brought to you by the same people who hacked PBS.org cause of a smearpiece they aired on Wikileaks. According to them, this is just phase 1.