Sony’s security woes continue to mount, with researchers discovering that a portion of the company’s web infrastructure is currently playing host to a phishing site targeting Italian credit card holders.
It’s a common tactic for phishers to crack in to remote webservers to host their payloads, which pretend to be bank or credit card sites while secretly sending your personal information off to the ne’er-do-well behind the scheme, for one simple reason: were they to pay for hosting themselves, the cyber-crooks would give investigators an easy route to catch them.
Usually, the sites cracked in this way are small hosts that fail to keep up with the latest security holes in packages like CPanel and WordPress – but Sony appears to have joined the ranks of the afflicted in yet another attack on the company’s computing infrastructure.
First spotted by Mikko Hypponen, a security specialist at F-Secure, the affected server hosts Sony’s Thai home page – and while the main site is as you would expect it to be, visitors to the hdworld.sony.co.th sub-domain are treated to an unexpected extra: a fake home page for Carta Si, an Italian credit card company.
To have its servers used in this manner so soon after the high-profile attack on its infrastructure that saw the personal details and credit card information from millions of PlayStation Network and Sony Online Entertainment users leaked is embarrassing – and doubly so when the company is doing its best to convince Japanese regulators that it has secured its systems well enough to allow PSN back on the aether.
Sony has been notified of the attack on its site, but at the time of writing the malicious URL is still active. The company has yet to respond to our request for comment.Leave a comment on this article