Over the last few months we have mentioned the current wave of SQL injection attacks plaguing the web (1, 2, 3 and 4). Yesterday, we spotted that Sony’s USA PlayStation website – a high-profile website with a large number of daily visitors (ref: Alexa) – had been the victim of an SQL injection attack.
The purpose of this wave of attacks seems to be to dupe users into installing the same fake anti-virus software we discovered on .MOBI websites earlier this week.
Visiting the affected PlayStation site runs a script that pretends to do an online security scan of your computer, and presents a bogus warning message that your PC is infected with a variety of different pieces of malware. Users frightened by the scareware ‘warnings’ might rush to spend money on useless software.
The fact that the Sony PlayStation site has been attacked in this way suggests that someone with malicious intent could place other harmful malware there – a worrying thought when you consider the number of consumers interested in video gaming.
SophosLabs has contacted Sony, and at the time of writing the website is still infected.
You can read more background about this current malware attack, which is affecting a number of different websites, on the SANS Internet Storm Center website. Microsoft recently published an advisory about SQL injection attacks on its website that some may find useful.
UPDATE: July 3rd – The Sony PlayStation site has been cleaned. Read “Sony PlayStation – Revisited”.