Pierluigi Paganini
November 22, 2014
News going round that Derp Trolling hacked Sony’s PlayStation Network(PSN), Microsoft’s Windows Live and 2k games studio freaked out millions of users, but now security experts says the alleged hack could be a hoax meant to attract attention to the hackers’ group.
In a post on twitter and on the anonymous’ text sharing site, Pastebin, Derp Trolling claimed to be in possession of tens of thousands of Usernames and passwords for PlayStation Network , Windows Live and 2k games studio accounts.
“Dear Internet, the following is a very small portion of Lord Gaben and the rest of his crews glorious raids across the high seas of the Internet,” bragged Derp Trolling adding that they had over 7m account details including 1.2 million credentials from CIA domains “Let this be a warning to all. Nothing is safe from Derp.”
In time we are writing the Twitter account @GabenTheLord used by the Derp Trolling was suspended, meanwhile the account Derp Trolling used in the past doesn’t provide any update.
However, a cross-examination of the leaked details has questioned the credibility of the alleged hack. Security Experts who to tried to verifying some of the usernames and passwords dumped on Pastebin were met by a response saying
“Not a valid e-mail address. Please try again,”
a clear indication that the accounts were never signed up on PlayStation Network in the first place.
“Looking through the list, there’s certainly an awful lot of crossover with data from previous breaches, in particular the Adobe one,” Rik Ferguson, vice president of security research at Trend Micro told the guardian. “The random sample cross-referencing I have done certainly show that the majority of data listed here has shown up already in previous breaches with a very few exceptions which seem to appear only in this particular paste.”
Last weekend, Derp trolling owned up to causing Denial of service (DDoS) on Blizzard’s servers among a host of other attacks done in the past.
“You heard about Anonymous knocking the entire .Mil domain offline? Well that was us! You hear of RedHack launching DDoS attacks against Turkey’s government? That was us as well! You heard about LulzSec knocking gaming servers and websites offline? Well that was us too,” said Derp trolling adding that the hackers’ group meant business this time. “Most people only see the Gaming side of us! We can be very serious hackers.”
Ironically, Derp Trolling claims it hacks to help companies fortify their networks by identifying their security flaws.
“Derp Trolling in no way wants to harm our children by leaking such damaging data. It’s only a warning to the companies,” claims Lord Gaben.
In a statement, Microsoft said
“We are investigating this issue and will take the necessary steps to protect customers as needed.” Sony on its part says there is “no evidence that there was any intrusion into its network,” adding that the company is taking the threats “very seriously and will continue to monitor its network closely.”
We must consider that the number of cyber attacks against gaming platforms is constantly increasing, last year Nintendo and Ubisoft we among the numerous victims of data breach … an it is just the tip of the iceberg.
Gaming platforms are a privileged targets for criminal crews and state-sponsored hackers. Cyber criminals are mainly attracted by possibility to steal sensitive information, including user data and credit card numbers, to sell in the underground market. State-sposored hackers are mainly interested into exploitation of gaming platforms for cyber espionage purposes or to abute of their resources to run cyber attacks.
Apparently, we live in world where cyberattacks including phishing scams and password matching is an everyday reality. In such a precarious environment, the next hack is just a click away. Whether the latest hack was genuine or Derp Trolling was just bluffing, every day is good day to change your password.
Written by: Ali Qamar, Founder/Chief Editor at SecurityGladiators.com & Pierluigi Paganini
Author Bio:
Ali Qamar is a cyber-security research enthusiast who enjoys “deep” research to dig out modern discoveries in the security industry. He is the founder and chief editor at SecurityGladiators.com, an ultimate source for worldwide security awareness having supreme mission of making the internet more safe, secure, aware and reliable.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – Gaming, PlayStation Network ,Windows Live)
[adrotate banner=”5″]
[adrotate banner=”13″]
