This article was published on April 28, 2011

Playstation attack preventable, came from US Government IP claims hacker


Playstation attack preventable, came from US Government IP claims hacker

A conversation log of a group of Playstation hackers has revealed some interesting claims about the way that the Playstation Network hack went down. If the claims are true the intrusion attempts began on March 3rd at 16:00 GMT. The hackers didn’t get through until March 16th and when they did, the successful probe came from a US Department of Defense IP address.

The log, which you can see here, seems to be a group of Playstation hackers discussing the intrusion of the PSN. A link to the log was posted on Twitter, spotted by a TNW reader and sent to us.

In the transcript the hackers discuss the hack, Sony’s response and failures by the company to recognize known vulnerabilities in the version of Apache that they were running on their servers.

One of the hackers, trixter, claims to know when the intrusions began and exactly when the successful breach of the network occurred. When asked about the source of his information, he replies with a coy “it magically appears on my monitor.”

[21:13:06]
the probes to get into PSN appear to have started March 03 16:00 GMT. It seems it took them until March 16 to actually get in though
[21:13:23]
from a US Department of Defense IP no less
[21:13:38] trixter: where did you get that info from? :)
[21:13:46]
it magically appears on my monitor

Then he derides Sony for running an older version of Apache, 2.2.3 which he claims has ‘even more’ known vulnerabilities than version 2.2.19, which was the version that the servers were running with the intrusion occurred.

[21:15:22]
what is funny is that the auth server used to be a redhat box running apache 2.2.19 (which has some known vulns in it) but now its a redhat box with apache 2.2.3 which has even more known vulns.

He also speculates that the hacker to breach Sony’s network successfully resides in Europe.

[21:14:13]
given the probe date and time I am guessing that it is someone in europe (after school or work for example) and in relation to graf

He then says that he is not affiliated with the hackers that attacked the PSN but that he tried to ‘warn’ Sony months ago.

[21:17:55]
note I am not affiliated with the person or persons that attacked PSN, but I did say MONTHS ago “sony if you are monitoring this channel you should upgrade your servers they have known vulnerabilities”

He attributes the server’s vulnerabilities to the success of the hack.

[21:29:37] so is the downtime due to server-side holes?
[21:29:45]
yes, someone penetrated
[21:29:52]
raped em like a prison bitch

Now we’re taking this report with a grain of salt, because we know how hackers like to talk and there’s no way of verifying the contents of this log. But if this is true then it raises some questions about Sony’s knowledge of system vulnerabilities and how long they knew without taking steps to

We’re continuing to look into this matter and will update if we find any more information.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with