PSN hacked, CFW on PlayStation 3 Could Reveal Credit Card Info [Report]

What a shocker! Some anonymous PS3 hacker is claiming to have decrypted nearly 100% of the traffic transferred over proxies, http and https to and from the PSN. The decrypted data includes sensitive information like credit card data, PSN credentials, Personal information, et cetera. Here is the full research:




 
 According to hacker, even if a connection is SSL encrypted, companies are aware of the big risk behind custom CA files and it’s possibilities. SONY seems not to care about those known vulnerabilities. It is a big company and a HUGE network. With huge we mean a magnitude of hundreds and even thousands: the PSN utilizes thousands of servers, handled by a very small group of administrators and quality assurance people. The IP ranges and domains of these servers are retrievable by anyone, cause this is how the Internet works ! It is all public data and information !

An example is the credit card information and the login authentication itself. Take a look at the traffic:

creditCard.paymentMethodId=CC_COMPANY&
creditCard.holderName=EXAMPLENAME&
creditCard.cardNumber=1234567890123456&
creditCard.expireYear=2012&creditCard.expireMonth=2&
creditCard.securityCode=123&
creditCard.address.address1=EXAMPLESTREET%2024%20&creditCard.address.city=EXAMPLECITY%20&
creditCard.address.province=EXAMPLEREGION%20&
creditCard.address.postalCode=12345%20

The credit card information should ALWAYS be encrypted. In ANY case. At least the security code. SONY is only relying on it’s https connection. With all those CFWs spreading around, this is not secure anymore. Same goes for the user details:

serviceid=IV0001-NPXS01001_00&
loginid=example@mail.com&
password=examplepassword&
first=true&
consoleid=EXAMPLEID123

Such sensitive data can now be captured by anyone who builds his own custom firmware with custom certificates. There are enough n00b-friendly tools by now. Means, little scriptkiddies can spread their little CFWs and phish user data. As many of these people are using a third party DNS, they are a potential victim of phishing. At the beginning of the PS3 launch, this user data was even transferred over http !

The PlayStation Network agreement states that SONY is allowed to collect nearly any data that is connected with your privacy.It is clear, that SONY won’t tell you WHAT they are collecting in the TOS etc., as many people would never accept that TOS.

A few month ago we noticed the TOS silently beeing updated without a new user agreement request. It was about that you have the right to contact a “Data Protection Officer” at SCEE, who can can give you details about what data is collected. So we phoned SCEE. Beeing forwarded to many people, it turned out that there is no so called “Data Protection Officer”.

Funny right? Shortly after this call, the clause was removed from the TOS. SONY itself told us, that they do not know, what we are talking about regarding this Officer. They told us, that there was never such a position inside SONY, neither a phone number. Even the address was non existing ! Still it is an impudence what huge amounts of data they are collecting. One example is an information list which is transfered everytime you login the PSN as well as at some random time. A few short quotes:

TFT-TV

This is a string sent to SONY which includes your TV model. The list is long and contains a lot more like information about attached USB devices, your home network, your playtime behaviour, installed games, apps, homebrews or their so called “circumvention devices” and so on. Details about your Home network, statistics etc.


“Sony is the biggest spy ever… they collect so much data. All connected devices return values sent to Sony’s servers,” the hacker said. He claims that Sony knows what controllers you’re using, what USB devices are plugged in, what sort of television you’re using – everything. Here’s another section of the chat log:
user2: another funny function i found is regarding psn downloads
user2: its when a pkg game is requested from the store
user2: in the url itself you can define if you get the game free or not. requires some modification in hashes and so on tho
user3: ..
user2: is like
user8:
user3: my god
user2: drm:off

That’s not all: your credit card information is apparently being sent as an unencrypted text file. This is how the code is being sent to Sony:

creditCard.paymentMethodId=VISA&creditCard.holderName=Max&creditCard.cardNumber= 45581234567812345678&creditCard.expireYear=2012&creditCard.expireMonth= 2&creditCard.securityCode=214&creditCard.address.address1=example street%2024%20&creditCard.address.city=city1%20&creditCard.address.province=abc%20&creditCard.

This information is allegedly being stored online and is updated every time you turn on your system. We’ve been receiving reports from various sources that e-mails are being sent to those with hacked firmware even before they log back into the PlayStation Network, which is even more evidence that Sony is grabbing information from your system just from being connected to your wireless network.

Generally, the PS3′s connection to PSN is protected by SSL and the identity of the remote server is verified using a list of certificates stored on each PlayStation 3 console. The credit card and other sensitive information is sent over this SSL connection. But, according to hackers, CFW could easily subvert this system. However, he has just claimed and not demonstrated to compromise PSN.

In addition to this, he claims to have developed a function which will enable to get all the games, DLC, you name it at the PSN Store for free. You can read all the chat logs where the hacker and other persons named as user1, user2, user3 etc are discussing about circumventing PSN access.

For more news coverage, you can follow us on Twitter or become a fan on our Facebook page, we will keep you updated with posts over the web


If you found this post useful, dont forget to click the +1 button =>  

Follow GreenPois0n on Google+


blog comments powered by Disqus