Hackers Exploit Sony’s PlayStation Home
Telegraph.co.uk reports that developers have found a way to exploit vulnerabilities within the software’s code to allow them to customise their PlayStation Home experience beyond the options provided by Sony. PlayStation Home, a Second Life-like virtual world that providea PS3 users with a three-dimensional social gaming space in which to interact and communicate with other players, was launched on Dec 11.
One hack uses a combination of the Apache web server and DNS re-direction to allow users of PlayStation Home to watch their own movies on display screens within the game, and change text and music to whatever they choose. A second hack enables players to download any file they want from PlayStation Home’s servers, such as a fellow user’s profile or avatar, the cartoon-like representation of themselves they create to appear in the virtual world.
The most worrying vulnerability found in the Home software is the security loophole that allows tech-savvy users to upload any file to the Home server, or delete any file from the Home server. It raises the spectre of malicious hackers spreading viruses and malware across the PlayStation Home platform, or even launching sustained attacks on the virtual world’s servers to force it offline.
There’s speculation that Sony may legitimately open the Home platform to third-party developers to build and create additional features for the online universe. Having an official avenue for “hacks” and “tweaks” could prevent more serious and potentially damaging hacking attempts, and could also help to build an ecosystem of users and developers around the Home platform.
The growth of malware targeting online games is worrying. Items accumulated in virtual world accounts have very real financial value, which leads to an underground market for stolen virtual world accounts.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.