Antivirus and security firm F-Secure said over the weekend that it found a "live" phishing site active on Sony’s servers in Thailand. The malicious site was found on Sony’s official web site for Thailand, running under " hdworld.sony.co.th" and targeting an "Italian credit card company."
From the F-Secure website:
"We know you're not supposed to kick somebody when they're already down… but we just found a live phishing site running on one of Sony's servers.
However, this incident has nothing to do with the Sony PSN hack."
The security firms says that Sony has "been hacked again" but adds that the "server is probably not very important." The company closes by saying that its software has blocked the site for its customers.
F-Secure adds that it has told Sony about the site.
Source: SlashDot
Comments
Re: Gone Phishing: Sony Thailand Site Hacked
Another hit: Sony BGM Greece was breached, and usernames, real names, and email addresses were exposed.
Quote of the day: "It is nearly impossible to run a totally secure Web presence, especially when you are the size of Sony."
That might be a viable answer if it were to the original DDoS attack, the SOE breach, the phishing site hidden on their servers, the theft of sweesptakes entries, the exploit allowing PSN accounts to be stolen using the password recovery page, or the theft of email addresses from the BGM site... It's really pushing it to use that on the big PSN breach, but to use it to answer all of them, in the space of a few weeks?
Re: Gone Phishing: Sony Thailand Site Hacked
Yeah, two really big possibilities: Someone REALLY has it in for them or their security was/is abysmal. Of course, the two are also possible combined.