Anonymous Gets Personal with Sony Attack
Hacktivist group Anonymous took a break from attacking banks, government sites and online services to focus on Sony in retaliation for the company's legal action against PlayStation 3 hacker Geohot.
Several Sony sites, including PlayStation.com and the PlayStation Store, were hit by distributed denial-of-service attacks as part of "OpSony" on April 4. The company handling Sony's case also saw its Website under attack.
On Twitter, PlayStation would not confirm the attacks, but instead said that PSN was undergoing "sporadic maintenance."
A sub-group is claiming DDoS attacks are not enough and are advocating more aggressive and personal attacks as part of "SonyRecon."
Sony Computer Entertainment America filed suit in January against George Hotz, also known as Geohot, for exposing the root key to PlayStation 3. With this modification, users could run other operating systems on the PS3 and develop and play homebrew games on the console. Sony had removed that functionality some months before.
"You have abused the judicial system in an attempt to censor information about how your products work. You have victimized your own customers merely for possessing and sharing information, and continue to target those who seek this information. In doing so you have violated the privacy of thousands of innocent people who only sought the free distribution of information," according to a "press release" that was posted on the Anonnews site.
SonyRecon was created so that attackers could share tactics and identity information, such as name, telephone number, pictures, home address, email, IP addresses, and names of family and friends. The attackers can use the stolen identity to commit fraud or play pranks on the targets.
Someone managed to get the phone number of the head of Sony, according to IRC chatter. Several members of Anonymous have uncovered employees' family records and personal details. The extent the group is going to target individual employees is a little disconcerting.
The lawyers representing Sony, the judge presiding over the case, and several high-profile Sony executives have been declared as "valid targets."
Personal data, such as marital status, age, home address, number of children and education, belonging to Robert S Wisenthal, group executive at Sony who handles corporate development, mergers and acquisitions, has been released online, according to PlayStation Lifestyle on April 4. Other targets include Sony boss Howard Stringer among others, and one attacker complained on IRC, "No one found ANY info on Stringers kids?"
Targeting Sony executives is one thing, but going after the kids seem a little much, even for Anonymous.
Anonymous members discussed on IRC various ways to use the identity information, including creating fake ads on Craigs List "erotic services" section, sending out postcards notifying the target may have been exposed to STDs and calling them via Skype.
A Facebook page entitled "Operation SONY" indicates some kind of action is planned for April 16.