Sony PSN hacking Incident Timeline and Perpetrators Update
Leave Anonymous Alone – Eidos Hack Proves Web Activist Group’s Innocence over Sony Debacle
Today marks a day of exoneration for Anonymous, but not for those who work under their good name for their own personal gain. A hacking incident on Eidos and Deus Ex related websites, coupled with lurkers on IRC pinpointing the actual hackers, plus recording them discussing their tactics related to framing other users and stealing user information, has shed light upon this foul splinter group and their treacherous ways. Read below for a detailed timeline of both the failures by Sony to perform and their subsequent invalid blaming of the Anonymous collective.
Sunday, April 3rd 2011
Anonymous posts first sign of OpSony on AnonOps Communications blogspot page. This is the first ‘public’ notification of an organized action against Sony; other related planning potentially occurs before or after this event in Anonymous IRC domains. The main AnonOps website is still under control of its original owners at this time, and is used as a base of co-ordination and as a hub for IRC hosting.
Tuesday, April 5th 2011
Sony posts initial ‘maintenance’ excuses for sporadic PSN failure. Media speculates due to AnonOps blog post two days earlier. Today’s information confirms Anonymous involvement, but not to the tune of information theft as the media first thought.
Tuesday, April 19th 2011
The Sony DDoS attack is widely reported by the media, but the actual attack may have occurred one or two days earlier. At this point, members of Anonymous working for their own cause and under their own motives enter Sony servers and extract credit card details and personal information from an estimated tens of millions of customer accounts, while leaving a text file within hacked servers named ‘Anonymous’ and reading ‘We are Legion’. Whether this was a genuine goad to the company or just a plan to implicate other members of the movement is yet to be seen. Speculation leans towards the latter.
Wednesday, April 20th – 21st 2011
The Playstation Network is shut down, and the first trickles of outcry arrive from the community. The Playstation blog acknowledges this a day later, announcing downment of the PSN, Qriocity, and Sony’s forums (potentially), plus the Playstation Store. The company attests the PSN is down for ‘Maintenance’ but most of the community is aware of the attacks that Sony hasn’t told them about.
Wednesday, April 27th 2011
Sony Communications Lead Patrick Seybold – “There’s a difference in timing between when we identified there was an intrusion and when we learned of consumers’ data being compromised. We learned there was an intrusion April 19th and subsequently shut the services down. We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident. It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon.”
Thursday, April 28th 2011
In response to Sony’s mistreatment of both its customers and their data, the California Court on behalf of the public and the consumer launches a class-action lawsuit against Sony for failing to notify its members of hacking and data theft promptly, and also letting the invasion of their servers occur. Recent reports have it that Sony’s network wasn’t secure to today’s standards and thusly, the company was held responsible for the negligence involved in not updating security.
Wednesday, May 4th 2011
Around two weeks after the intrusion, Sony finally brings in professional security staff and the FBI to investigate in a manner that will hopefully outperform the slack and frankly inconclusive probing by Sony staff. This does not stop Canadian courts from dropping the company a second class-action lawsuit to the tune of $1 billion. Sony starts to offer incentive rewards for returning PSN users, although this alone will probably not compensate for the potential credit card fraud which may be inflicted on the now confirmed 100 million users in the next one to three years.
A Day of Infamy – Thursday, May 5th 2011
[Between the 5th and the 10th]
Sony vaguely attempts to reboot the PSN, throws out vague release dates, promises treats to returning users, does nothing about stolen data, blames Anonymous for everything etc…
Wednesday, May 11th 2011
In an illegal attempt to silence the group, AnonOps is hacked and downed, and still is today. A UK hacker named Ryan Cleary apparently has taken control of the site and related IRC channels used for planning the operations Anonymous is known for. This reporter believes Ryan is butthurt over not being able to play Black Ops online, and is out for revenge against the party the media has bastardized. This also may have been used as cover for the next hacker attack two days later; due to the fact regular Anons had no access to IRCs used by the splinter group to discuss their next move.
Anonymous Exonerated – Friday May 13th 2011
Earlier today, and additionally yesterday night, a group of hackers using tactics relating to framing other users and stealing personal data entered Deus Ex related servers along with Eidos networks in order to steal personal information. What they didn’t bank on was an unknown IRC member lurking in their planning session and taking down everything typed there.
This information, in the eyes of this reporter, exonerates the virtuous and law-abiding component of Anonymous for all incidents discussed, and hereby invalidates any mean-spirited and bitter reprisal or blame on the group by either Eidos or Sony for these incidents. It is clear the Anonymous group has either been infiltrated by information thieves, or these thieves have only just made themselves known to the world now.
The members of the splinter faction of Anonymous, dedicated to unlawful information theft, have been only identified as Cleary, ‘eve’ and ‘nigg’. The group also involved Ryan Cleary (Blackhatcat) in their operations, but apparently used his services before scapegoating him for the Deus Ex site hacking incident via leaving his, and the names of other well known hackers, on the hacked Deus Ex domain page.
An unnamed observer comments:
“ev0 and nigg got the [hacking tool] they used to break in [to Eidos.com] from one guy, then got Blackhatcat to execute it and then screwed everyone, stole the database,”
“This is how those guys roll: One day they work together, the next they war. They drop [revealing personal details] on each other like it’s a game. Just like they did pinning the defacement of Deus Ex on Blackhatcat. Then denied the whole thing.
“Its psychotic behaviour like I have never seen. It’s like they hate each other but will work together on certain [Anonymous operations] if it suits them, but then might turn on each other in the end …and then laugh it off.”
This attack caused personal details of some 80,000 registered users on both sites to be stolen.
In short, a splinter group masquerading as Anonymous is ripping off hacking software from other users before scapegoating them for the splinter group’s use of these hacks. This backstabbing enterprise is all for the purpose of stealing personal data. The splinter group’s members are even scapegoating each other so they can sell said data without potentially having to share the proceeds.
The splinter faction described above is the problem that all parties concerned in recent hacking issues are dealing with here.
The fact that this splinter faction exists proves that the existence of other factions of this nature, and their, or the discussed faction’s, potential responsibility for Sony’s incident is a more likely conclusion to finding someone to blame. This reporter suggests that Sony and co. look into these incidents and decide who really is responsible.