PlayStation Twitter Hacked “PSN Databases Compromised”

MegurineLuka-Oppai-PS4-by-Comugico

PlayStation’s official Twitter (and Facebook) was recently hijacked by a hacking group, though despite the expectations of most, it was performed by one possessing “ethical standards” – with the situation seemingly being nowhere near in scope to the catastrophic hacking back in 2011 that saw to the loss of over 25 million accounts.

The official website for the hacking group claims that their purpose is to showcase the vulnerabilities of networks while helpfully providing their victims with tips on how to improve their security; the group additionally states that it has no bad intentions (not that that would make victims trust them), if such a reassurance is worth much.

The hacking group posted several messages on PlayStation’s Twitter that have since been deleted:

PlayStation Network Databases leaked #OurMine

Subscribe to #DramaAlert

No, we aren’t going to share it, we are a security group, if you works at Playstation then please go to our website ourmine.org – > Contact

Naturally many are skeptical (as well as unimpressed) about their claim of having access to the PSN databases as it seems unlikely that such access could be acquired from a mere social media account (although getting social media access via a database might be slightly more plausible):

“that why ps on youtube have been posting video on how to secure your ID all day hahahah”

“For fuck’s sake. Get your shit together Sony”

“If dudes like this were truly “ethical”, they’d become actual cyber threat assessors instead of hiding behind TOR or whatever the hell they do to stay secret.”

“All these hackers do is just piss of the gaming population”

“Bunch of pathetic morons had nothing better to do today, I guess”

“So…what this all amounts to is “Sony’s security sucks”. In other news, water is wet.”

“Less morally wrong than the eBay scalpers selling Xbox One Xs for 2x+ msrp already IMO.”

“Oh no, a Twitter account got hacked. Big whoop. If they hacked the database, they wouldn’t be telling us they hacked the database.”

“I can’t believe people are flipping out over this, hacking a twitter account is significantly easier than hacking xboxlive or psn, there is no need to start talking sh*t about sony for the hack that happened half a decade ago.”

The group is already notorious for hacking several individuals, including Pokemon Go creator John Hanke, Twitter co-founder Jack Dorsey and Google CEO Sundar Pichai, though their tendency to merely hijack social media accounts (a matter of gullible staff and pathetic password security in many cases) may leave many nonplussed.


    Post Comment »
    9 Comments
    Sort by: Date | Score
    Comment by Anonymous
    23:51 24/08/2017 # ! Neutral (0)

    Hacking Dorsey didn't reveal anything of his evil plans to destroy the world?

    Comment by Anonymous
    09:43 22/08/2017 # ! Neutral (0)

    I don't get it. Say my password is password123. Are you saying you can brute force a password in this day and age?

    I don't see how a connection that tries to log in 21 billion times a second can be allowed to continue to make requests. If they didn't hack it by brute force, why claim poor passwords are relevant?

    Comment by Anonymous
    04:44 24/08/2017 # ! Neutral (0)

    The hackers do not take one account and try to brute force its password, what they do instead is to use one password and try to match every account. If your password is "password123", then your account will be hacked very early in the process.

    The average hacker only wants a large number of hacked accounts, he would not care whether they can hack any particular account.

    Comment by Anonymous
    21:04 22/08/2017 # ! Neutral (0)

    Yes you can brute force passwords in this day and age. Alaktorn shows the usual way of doing this.

    I believe you need atleast a password with 22+ characters (with special characters) these days to be relatively save from bruteforce hacks.

    Comment by Anonymous
    09:55 22/08/2017 # ! Neutral (0)

    Easily done if they have the database as they claim.

    Avatar of ALAKTORN
    Comment by ALAKTORN
    12:32 22/08/2017 # ! Neutral (0)

    Na I don’t think that’s possible, if you try too many passwords everything should stop you nowadays. The way bruteforcing passwords works as far as I know requires you to have the database of hashes for the passwords. So you know user x’s password creates the hash y, then you bruteforce pwds on your own system until you find one that matches the hash, then you have the password. This video shows this being done IIRC: https://www.youtube.com/watch?v=7U-RbOKanYs

    Though there are multiple ways of storing passwords, hashing is like the weakest type of protection (well not really but anything less should get the dude who implemented it killed)… I’m nowhere near an expert on the subject but that’s what I think I know.

    Comment by Anonymous
    23:10 22/08/2017 # ! Neutral (0)

    You can Bruteforce without a database of hashes.
    You can just use a dictionary and try it. Sure it is slow but it does work.

    The last one I saw was 900 million most common passwords. And it does work friends still use RATs to mass test logins and they find 10s of thousands still easily.

    It is clear people don't understand the strength of passwords and alot seem to use 1 password for everything. Some even store their passwords on their email in a Draft. People are stupid.

    Comment by Anonymous
    00:32 23/08/2017 # ! Neutral (0)

    Weakest link in security is ALWAYS the user.

    Comment by Anonymous
    13:56 22/08/2017 # ! Neutral (0)

    Thank you for the explanation. 👍



    Post Comment »

Popular

Recent News

Recent Galleries

Recent Comments