The hacker group now infamous for several serious hacking attacks against Sony, PBS, and even a recent attack against a company affiliated with the FBI. As game companies go, Sony has been a favorite target of LulzSec with a breach exposing over one million user accounts last week. The hacker group communicates with the rest of the world via a Twitter account and provides an interesting insight into the effects of attacks against companies when they take credit.
LulzSec recently took the measure of Nintendo, but instead of exposing user accounts, passwords, or sensitive information to the public (often via torrents as per LulzSec’s modus operandi) they posted the security information elaborating how they effected their compromise. Including a bit about how Nintendo had already managed to shore up the breach by the time they went public with the information.
The Wall Street Journal contacted Nintendo and confirmed the unauthorized intrusion, laying credibility for LulzSec’s recent claims,
The Nintendo incident involved no sensitive information and hasn’t caused any damage to its operations or inconveniences for its customers, the company said.
Still, the breach raises a question over whether any online services can be fully protected from potential hacking attempts.
A hacker group called Lulzsec, which had earlier claimed that it had broken into some of Sony’s websites and stolen customer information, posted data on the Internet it claims was Nintendo “server configuration file,” or data for programming purposes.
The unauthorized access to a Nintendo U.S. server itself has been confirmed by Nintendo spokesman Ken Toyoda. He stressed that no sensitive information had been accessed or exposed. “We are always working to make sure our systems are secure,” he said.
The tweet from LulzSec on the matter expressed their love for Nintendo and Sega and their hopes that the gap would be closed with the information released; a later tweet acknowledge that Nintendo had cleared up the problem, including an admonition that “[we] made it clear that we didn’t mean any harm.”
Details on the exact nature and vector of the attack are currently tight, although shouldn’t be difficult to develop as they’re published.
This shows a personality shift in the expectations of the community from LulzSec after their copycat attacks against Sony in the wake of the massive breaches that put the PlayStation Network down for almost a month. This playful hack colors the hacker group with the juvenile behavior and attention-seeking we’ve seen from them when they first started their debut into the scene. Insofar, they’ve claimed use of unsophisticated attacks that involved common exploits in server software to deface websites and access databases. The opening into Nintendo’s website was probably a similar exploit and thus exactly why the game corporation fixed it so quickly. (Although, their own forensic teams are probably scouring the site currently to make sure the hackers left no rootkits or backdoor software behind after their intrusion.)
With E3 on the horizon, we expect to hear more from Sony about how they intend to handle their security issues and the resulting fallout.
[...] to the shut down the popular gaming network for an extended period of time. The same group also hacked Nintendo, exposing the vulnerability it exploited to facilitate the attack – a simple SQL [...]
[...] the apparent sophisticated hack against Sony that took down the PlayStation Network in April, moved onto hit Nintendo (albeit gently), and ran roughshod over other video-game industry websites as they [...]
[...] LulzSec Continues Headline Grabbing Hacks with U.S. Senate Website and Bethesda Softworks Kit Dotson | June 14th Tweet In what is a flurry of activity certainly leading towards some sort of crash-and-burn, now infamous hacker group LulzSec had a very busy day yesterday. First, they made threats and hints all day about hacking the databases of video game publisher Bethesda Softworks—best known for their development of the highly open-world game Morrowind and its upcoming sequel Skyrim. This comes in the wake of LulzSec exposing passwords from Sony and a porn industry network, picking a fight with the FBI and NATO, and “nicely” hacking Nintendo. [...]
[...] In what is a flurry of activity certainly leading towards some sort of crash-and-burn, now infamous hacker group LulzSec had a very busy day yesterday. First, they made threats and hints all day about hacking the databases of video game publisher Bethesda Softworks—best known for their development of the highly open-world game Morrowind and its upcoming sequel Skyrim. This comes in the wake of LulzSec exposing passwords from Sony and a porn industry network, picking a fight with the FBI and NATO, and “nicely” hacking Nintendo. [...]
[...] against Sony for having poor security, the game publisher Epic, industry developer Bethesda, and even Nintendo of America—they began by taking The Escapist Magazine’s website offline claiming to do so while using only [...]
[...] the apparent sophisticated hack against Sony that took down the PlayStation Network in April, moved onto hit Nintendo (albeit gently), and ran roughshod over other video-game industry websites as they [...]
[...] in order to find intrusion points and steal data—insofar they have managed to strike Sony, hack Nintendo, the U.S. Senate and software publisher Bethesda, and even a pornography industry website. This [...]
[...] LulzSec Hacks Nintendo with Gentle Pat on the Head and Candy [...]