LulzSec Sony

From Enlace Hacktivista
Jump to navigation Jump to search

Sony Pictures fell victim (more than once) to multiple breaches, one notably by the group LulzSec 1 2 who identified an SQLi vulnerability on their Japanese domain and subsequently leaked their database online to embarrass the company. Their motivations were to highlight how security is more of an after thought and how security wasn't being prioritized by businesses and to laugh at their incompetence.

Explanation of the Hack

Sony has been breached multiple times over the years, however LulzSec was able to breach Sony and leak their database via SQL Injection (SQLi) 3. LulzSec claimed it was for "The Lulz" and to show how weak their security was.

@LulzSec was here you sexy bastards!

This isn't a 1337 h4x0r, we just want to embarrass Sony some more. Can this be hack number 8? 7 and a half?!

Stupid Sony, so very stupid:

SQLi #1: http://www.sonymusic.co.jp/bv/cro-magnons/track.php?item=7419
SQLi #2: http://www.sonymusic.co.jp/bv/kadomatsu/item.php?id=30&item=4490

https://web.archive.org/web/20110527084917/pastebin.com/NyEFLbyX

References

  1. https://en.wikipedia.org/wiki/LulzSec
  2. https://www.wired.com/2011/06/lulzsec-sony-again
  3. https://web.archive.org/web/20110527084917/pastebin.com/NyEFLbyX