1. Forums /
  2. Gaming Lounge /
  3. PS3 /
  4. Hackers offering to sell PSN credit card details !
Post: Hackers offering to sell PSN credit card details !
04-29-2011, 11:17 AM #1
Mr. DarkKV's Avatar
Mr. DarkKV
League Champion
(adsbygoogle = window.adsbygoogle || []).push({});
You must login or register to view this content.

In the ongoing Sony PR nightmare that is the PlayStation Network hack, the latest rumours suggest that hackers are trying to sell the credit card details of 2.2 million PSN users.

Not only that, the hackers are also alleged to have offered to sell back the data to Sony, with the group claiming that Sony refused to buy back the list.

Sony offered PSN data?

The New York Times reports that Sony was offered the chance to buy back the information for around $100k but that the company has ignored the requests.

Sony has refuted the paper's claims.

"To my knowledge there is no truth to the report that Sony was offered an opportunity to purchase the list," said SCEA PR boss Patrick Seybold.

"The entire credit card table was encrypted and we have no evidence that credit card data was taken."

Kevin Stevens, senior threat researcher at the security firm Trend Micro, told the New York Times that he had seen talk of the database on numerous hacker forums online.

"Sony is saying the credit cards were encrypted, but we are hearing that the hackers made it into the main database, which would have given them access to everything, including credit card numbers," added security consultant Mathew Solnik, from iSEC Partners
You must login or register to view this content.
(adsbygoogle = window.adsbygoogle || []).push({});

The following 8 users say thank you to Mr. DarkKV for this useful post:

DEREKTROTTER, Geeqoh, Hadenkin, LilP, Mezzid, Mr Grumpy, Sigma, xDeluxe
04-29-2011, 03:00 PM #20
SU44K8's Avatar
SU44K8
Suffocate
If this really happend then why dont they buy back the info? If the hackers buy stuff with it Sony could get sued.
04-29-2011, 03:05 PM #21
hahaNO's Avatar
hahaNO
Bounty hunter
Hmm i dont think sony failed exactly. How knows if they actually have the CC info? They only chargd 100k. They could get alot more from the credit cards. who ever heard of a nice Thief?
04-29-2011, 03:10 PM #22
ASD24's Avatar
ASD24
Save Point
Luckily I used PSN cards! :angel:
04-29-2011, 03:32 PM #23
SayWhat10's Avatar
SayWhat10
I am error
Originally posted by SU44K8 View Post
If this really happend then why dont they buy back the info? If the hackers buy stuff with it Sony could get sued.


and how can they trust them?
if is sony bought it, like the hackers didnt make a copy of the info and still do credit card fraud? sony's money + cards = win win win
04-29-2011, 03:41 PM #24
SU44K8's Avatar
SU44K8
Suffocate
Originally posted by SayWhat10 View Post
and how can they trust them?
if is sony bought it, like the hackers didnt make a copy of the info and still do credit card fraud? sony's money + cards = win win win


Because sony's not just going to be like "Ok we will send you the money, just send us the info." They are going to be like "Sign this saying you dont have copies blah blah blah we will sue you if you break this contract blah blah blah."
04-29-2011, 03:41 PM #25
SU44K8's Avatar
SU44K8
Suffocate
Sorry there was a glitch which made a repost.
04-29-2011, 03:43 PM #26
xShOtz's Avatar
xShOtz
Bounty hunter
I hope the cops get on there ass..
04-29-2011, 03:47 PM #27
xinfectedsoulx's Avatar
xinfectedsoulx
Daddy's home.
I don't think I put mine on. Never would have, won't with Xbox either. Ever.
04-29-2011, 05:00 PM #28
bmxdude9's Avatar
bmxdude9
Million Miles Of Fun!
Originally posted by SayWhat10 View Post
well im not a hacker or have super computer knowledge, so i ask

everything from every person that has a PSN account is kept in like ONE database?

like if they used javascript to inject, they're able to have TOTAL access to EVERYTHING that sony has on you? doesnt seem like a good setup


I originally had a write up(sorta a rant I guess too) that mentioned this so it was deleted. Now how these server exploits generally work is easy to understand versus actually performing it. Basically the hacker(s) find a target which in this case was PSN and then they follow the steps below for the most part. Not saying THIS is how they did it but it would be reasonable and practical.

1. Locate a potential target, PSN.
2. Scan the main host for any sub domains/IPS, open ports, installed software/demeons / OS's and traffic.
3. Once you have some of the basic info above you start to exploit or do more work as something like PSN obviously has MANY sub domains and various connections so you might want to search through some of them to hopefully find one that is exploitable.
4. Once you have your potential list and have done some research try to see if the server is running any exploitable software, addons or OS.
5. This step is a lot so Ill put it simple. Once you've found something you can exploit you need to...
*Cover your donk through tunnels, traffic and VPN's.
*Run an exploit on the exploitable ware.
*Gain low level access, escalate the access, maintain access, Steal the info you want, install your software, exploits, mods or rootkits/backdoors.
*If your good you'll wipe the mat and scrub down any environments you entered or modified along with anything you touched.
*Leave with stolen data

6. Once you have it you shouldn't have to worry about it IF you scrubbed down good, at least for awhile.

7. Isolate stolen data on an OFFLINE(completely) box and start reversing anything you need or decrypting it. Note this can take a LONG time so you better hurry before they catch on.

8. Decide what is important and not and focus on that and see what type of security it is, 256-bit, MD5 or whatever salt it has.

9. Decrypt and sell on the black market or try to make your point come across

10. Dont get caught, you'll go to jail..

Thats the BASICS and I mean BASICS of doing stuff like that.

The following user thanked bmxdude9 for this useful post:

SayWhat10

Copyright © 2026, NextGenUpdate.
All Rights Reserved.

Gray NextGenUpdate Logo