Sophos: Visitors to Sony PlayStation website at risk of malware infection
Posted by XanTium | 2-7-2008 17:25 EST
Researchers at IT security firm Sophos have warned lovers of video games that pages on the US-based Sony PlayStation website have been compromised by hackers.
Experts at SophosLabs™ have discovered that cybercriminals have successfully used an SQL injection attack to plant unauthorized code on pages promoting the PlayStation games "SingStar Pop" and "God of War".
At the time of writing the hacker's code attempts to dupe web surfers by running a fake anti-virus scan and displaying a bogus message that their computer is infected with a variety of different viruses and Trojan horses.
The hackers' aim is to scare unsuspecting computer users into purchasing a bogus security product. Sophos warns, however, that it would be trivial for the hackers who have compromised the webpages to alter the payload so that it became more malicious, and installed code designed to turn Windows PCs into a botnet or to harvest confidential information from users.
Full Story: sophos.com