KEY POINTS:
Hackers have compromised the US based PlayStation website, according to IT security company Sophos.
SophosLabs researchers say cybercriminals have successfully used an SQL injection attack to plant code on pages promoting some games.
The company claimed that the hackers tried to dupe site surfers to Singstar Pop and God of War game pages with a fake anti-virus scan that infected their computers with a variety of viruses and Trojan horses.
It was using a fake virus software offer to get users credit card details, but Sophos warns that it would be simple for the hackers to became more malicious, and installed code designed to turn Windows PCs into a botnet or to harvest more confidential information from users.
"There are millions of video game lovers around the world, many of whom will visit Sony's PlayStation website regularly to find out more about the latest console games," said Sophos spokesman Graham Cluley.
"Most would never expect that surfing to a website like this could potentially infect them with malware. If users do not have sufficient protection in place then they might find that before they know it they have been scared into handing their credit card details over to a bunch of cybercriminals."
- NZ HERALD STAFF
