Sony's just not catching any breaks lately. First there was a massive security breach which forced the company to shut down the PlayStation Network, then there were difficulties in restoring the game service, then there was a security flaw in the PlayStation Network password reset feature ... and now a phishing site was discovered hidden on Sony's servers.
Security firm F-Secure reports that this particular security issue doesn't appear to have anything to do with the PlayStation Network hack, but it's still not something to brush under the carpet.
Basically there was a phishing site targeting an Italian credit card company on hdworld.sony.co.th — a subdomain of the official Sony Thailand website. While trying to access the malicious site leads to a phishing warning in most browsers right now, there is only a 404 error page waiting if the warning is ignored. We're assuming this means that Sony or some other party rushed to remove the phishing site.
The Next Web notes that the phishing site "doesn’t necessarily mean that Sony.co.th or Sony.com got hacked, because the sub-domain in question may run on an external party’s server."
Now while that's almost comforting, the way Mikko H. Hyppönen from F-Secure elaborates on that assumption echoes in our minds:
"I believe this particular site might run on some ad agency’s IP address. Nevertheless, it’s under Sony’s name, so technically, it’s Sony’s server."