Wired’s Threat Level Plays PSN Hack ‘Whodunit’

Written by Feldon. Posted in Uncategorized

File this under pure speculative analysis, but Wired’s Threat Level has some thoughts on just who compromised the PlayStation Network (and Sony Online Entertainment) and pilfered records, and why. If you’d like a little more insight into the players, it’s worth a read:

It’s one of the biggest data breaches in history. Now that Sony has come clean — sort of — on a computer intrusion this month that exposed personal information on 77 million PlayStation Network users, one obvious question remains: Who pulled off the hack?

In the old days, the answer would be simple: some kid did it. But today’s underground is more complicated — a slew of competing players with different agendas and techniques. Here’s a quick rundown on the likely suspects.

They tackle Anonymous, China, the Recreational Hacker, and finally For-Profit Cyberthieves out of Eastern Europe or Russia. Continue at Wired

Comments (5)

  • Striinger

    That article says passwords were unhashed, but other reports have said that they were. So am I mixing up the network info? Were the passwords encrypted or not?

  • user2983

    Pretty bad article, honestly. The “groups” it lists are sort of vague, aside from Anonymous. And to claim Anonymous might have done it is kind of a joke – Anonymous as a whole has no technical computer skills, just a lot of computers which allow them to DDoS effectively. Everything Anonymous has ever done was accomplished solely by DDoSing, which is not hacking in any way. Even the whole HBGary thing was a bug on their side which unexpectedly occurred when they brought the site back up following a DDoS attack. Oh, and stealing Facebook/YouTube/email/whatever passwords isn’t hacking either; 99% of those are accomplished by using the password reset functions on these websites and answering the secret question using information which is usually easily guessed/attained from information the users have already disclosed about themselves (favorite color, city you were born in, high school mascot, etc.).

    Sony’s poor security has been known about for a long time in relatively public circles, it just finally came to the attention of someone who felt like seeing how far it extended. Probably the same type of person who does other malicious computer acts for profit, like selling access to botnets and keylogger obtained personal information. Doesn’t even matter who did it, really, because there’s so many people out there who both could and would do the same thing. Sony was ultimately the one who should have seen this coming (especially since they monitor forums that discussed these vulnerabilities) and ultimately could have prevented this.

  • Wilhelm Arcturus

    @Striinger – The correct answer is that Sony was smoking hash when they figured it would be a good idea to store our passwords in a retrievable format of any sort. They are always telling us no Sony employee will ever ask us for our password. Now we know why. They don’t need to!

  • Feldon

    The passwords were hashed, which means they cannot be read in plaintext, but it may have been a simple hash without adding a salt, or any other randomizing elements. When you try to log in, the password you enter into the launcher is hashed and then compared with your hashed password in the database. If they match, you can log in.

    http://www.forensicswiki.org/wiki/Rainbow_Tables

    Rainbow tables are large pre-computed tables that make it fast to determine what word produced a particular hash. Rainbow tables only work if the following conditions are true:

    * The hash algorithm was known when the rainbow table was created;
    * No salt was used in the individual password.

    If you know what hash routine Sony used (MD5 is an example), then you can make a text file of several hundred megabytes with the most common passwords used by users. Then you just do searches on the Sony customer database against your rainbow table and you will find many, many matches. Users tend to use the same password on their e-mail, bank, PayPal, EQ2, etc., so just by getting one user’s password, you’ve probably got yourself $1,000 or more that you can exploit on their bank accounts. It’s definitely worth the effort to trawl through a 100 million user database to get a handful of accounts, especially to Eastern European hackers.

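The login check and the two rainbow-table conditions described in the comment above, as an added example that is not part of the original post or Sony's code: it contrasts an unsalted MD5 store (MD5 being the comment's own example) with a per-user salted PBKDF2 store, and audits each for shared hashes. The function names, sample accounts and iteration count are assumptions made for illustration.

```python
from __future__ import annotations

import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 200_000  # assumed work factor; tune to your hardware


def unsalted_hash(password: str) -> str:
    """Weak scheme: a bare, fast hash with no salt (MD5, as in the comment)."""
    return hashlib.md5(password.encode()).hexdigest()


def salted_hash(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Stronger scheme: random per-user salt fed into a deliberately slow KDF."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify(password: str, salt: bytes, stored: bytes) -> bool:
    """Login check: re-derive with the stored salt, compare in constant time."""
    _, candidate = salted_hash(password, salt)
    return hmac.compare_digest(candidate, stored)


def shared_hash_groups(stored_hashes: dict[str, str]) -> list[list[str]]:
    """Audit helper: users with identical stored hashes share a password,
    which is what lets one precomputed table entry match many accounts."""
    groups: dict[str, list[str]] = {}
    for user, value in stored_hashes.items():
        groups.setdefault(value, []).append(user)
    return [sorted(users) for users in groups.values() if len(users) > 1]


# Constructed sample accounts (not real data).
ACCOUNTS = {"alice": "dragon123", "bob": "dragon123", "carol": "x9!Lq-veT2"}

if __name__ == "__main__":
    weak = {u: unsalted_hash(p) for u, p in ACCOUNTS.items()}
    strong = {u: salted_hash(p) for u, p in ACCOUNTS.items()}
    print("unsalted duplicates:", shared_hash_groups(weak))
    print("salted duplicates:",
          shared_hash_groups({u: d.hex() for u, (_, d) in strong.items()}))
    salt, digest = strong["alice"]
    print("alice logs in:", verify("dragon123", salt, digest))
```

With the salted scheme the same password yields a different stored value for every user, so a table computed once in advance no longer applies to the whole database.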

  • isest

    Well, I just read that article and I got to say they left out a lot of different types of hacks. What about the Chinese gold farmers? The SOE database would be huge for them.

    With the account info they could hack into anybody's game base, strip that toon and make tons of plat. Multiply that by everybody in game, it is huge.

    We may never know who did do this, unless the FBI actually finds them.
