UPDATED 11:45 EDT / JUNE 06 2011

LulzSec Hacks Nintendo with Gentle Pat on the Head and Candy

lulzsec-failboat The hacker group now infamous for several serious hacking attacks against Sony, PBS, and even a recent attack against a company affiliated with the FBI. As game companies go, Sony has been a favorite target of LulzSec with a breach exposing over one million user accounts last week. The hacker group communicates with the rest of the world via a Twitter account and provides an interesting insight into the effects of attacks against companies when they take credit.

LulzSec recently took the measure of Nintendo, but instead of exposing user accounts, passwords, or sensitive information to the public (often via torrents as per LulzSec’s modus operandi) they posted the security information elaborating how they effected their compromise. Including a bit about how Nintendo had already managed to shore up the breach by the time they went public with the information.

The Wall Street Journal contacted Nintendo and confirmed the unauthorized intrusion, laying credibility for LulzSec’s recent claims,

The Nintendo incident involved no sensitive information and hasn’t caused any damage to its operations or inconveniences for its customers, the company said.

Still, the breach raises a question over whether any online services can be fully protected from potential hacking attempts.

A hacker group called Lulzsec, which had earlier claimed that it had broken into some of Sony’s websites and stolen customer information, posted data on the Internet it claims was Nintendo “server configuration file,” or data for programming purposes.

The unauthorized access to a Nintendo U.S. server itself has been confirmed by Nintendo spokesman Ken Toyoda. He stressed that no sensitive information had been accessed or exposed. “We are always working to make sure our systems are secure,” he said.

The tweet from LulzSec on the matter expressed their love for Nintendo and Sega and their hopes that the gap would be closed with the information released; a later tweet acknowledge that Nintendo had cleared up the problem, including an admonition that “[we] made it clear that we didn’t mean any harm.”

Details on the exact nature and vector of the attack are currently tight, although shouldn’t be difficult to develop as they’re published.

This shows a personality shift in the expectations of the community from LulzSec after their copycat attacks against Sony in the wake of the massive breaches that put the PlayStation Network down for almost a month. This playful hack colors the hacker group with the juvenile behavior and attention-seeking we’ve seen from them when they first started their debut into the scene. Insofar, they’ve claimed use of unsophisticated attacks that involved common exploits in server software to deface websites and access databases. The opening into Nintendo’s website was probably a similar exploit and thus exactly why the game corporation fixed it so quickly. (Although, their own forensic teams are probably scouring the site currently to make sure the hackers left no rootkits or backdoor software behind after their intrusion.)

With E3 on the horizon, we expect to hear more from Sony about how they intend to handle their security issues and the resulting fallout.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU