200 PS3s used to create an undetectable hack attack

Got news? tips@destructoid.com | Never miss a story: RSS + Twitter + YouTube

Hey! New here? Destructoid is a gaming discussion community, updated nearly every 20 minutes. Make a quick avatar to comment and enter our contests. Take the tour!

Home Hacking updates

get involved

register or login
post a blog
post a forum
enter a contest
discuss a review
contribute a news tip
write a guest editorial

support

new member's guide
login assistance
tech support
report abuse
email our editors
read our dev blog
nuclear crisis?

keep in touch

RSS feed
Twitter
Facebook
Myspace
Flickr
Game nights
Meet-ups

seriously

about us
advertising
terms of use
privacy policy
jobs at MM
buy our crap

our network

Tomopop
Japanator

Destructoid is an independently-run publication forged by our love of video games and the gaming community's need of accountable enthusiast press
living the dream since March 16, 2006

4:29 PM on 12.30.2008, Dale North

31 comments

200 PS3s used to create an undetectable hack attack photo

Hacking

A farm of about 200 PlayStation 3s were used to by researchers to launch a nearly undetectable phishing attack, says NetworkWorld. Their goal was to exploit a bug in the Web site security certificates you use daily on the internet. The researchers were able to hack into Verisign's RapidSSL.com certificate authority and create fake digital certificates for any Web site on the Internet.

The PS3 farm spits out fake certificates that would be trusted by any browser. NetworkWorld says that the PS3's Cell Processor is popular with code breakers for its ability to perform cryptographic functions well.

The group plans to present their findings at the Chaos Communication Congress hacker conference, to held in Berlin on Tuesday.

Naturally, Verisign was pissed, and it looks like they were the last to know:

"I can't express how disappointed I am that bloggers and journalists are being briefed on this but we're not, considering that we're the people who have to actually respond," said Tim Callan, vice president of product marketing with Verisign.

Next page: More top stories stories

World in shock at mention of upcoming Skate sequel
17 comments

See the Little Sister 'makeover' of BioShock 2
16 comments

Telltale: 'our engine doesn't run on the PlayStation yet'
12 comments

Ubisoft takes over publishing for Heroes Over Europe
2 comments

Xiofire at 12/30/2008 16:46

Still don't know how this would be done. Not through Linux because that doesn't give the user full access to the Processor or any of its power. And I don't think the XMB has a hacking option. :P

Still interesting, makes me see the PS3 not just as a gaming machine or a media center, but more as a Tech Demo of the Cell Processor and Blu Ray.

RonBurgandy2010 at 12/30/2008 16:48

BOW BEFORE THE PS3 ARMY!!! BOW I SAY!!!

Cartman at 12/30/2008 16:48

Forgive me, but what would this ultimately allow them to do?

GrayFox at 12/30/2008 16:49

They tried to do this with the Xbox 360 but they all got 3 red lights indicating hardware failure!! LOL!

linuxguy at 12/30/2008 16:49

@Xiofire: under linux you get access to 6 out of 7 SPEs which is not too shabby

Jonathan Ross at 12/30/2008 16:51

@cartman Basically, it could spoof any website and present a legitimate authorization certificate. Theoretically, someone could create a dummy site of, say, eBay, then have that site present a valid Verisign certificate, and then people enter their login/creditcard/paypal/whatever information and get it stolen. It's like all those spam emails you get from your "bank" saying that you have to reactivate you credit card or whatever, and the link directs you to some obviously fake site.

Cartman at 12/30/2008 16:55

Thanks for the clarification. But also, since when was there a hackers convention? Lulz.

Niero at 12/30/2008 16:55

@ Cartman - steal your yobs

But can 200 PS3's render Crysis in 1080p flawlessly? Would they blend?

Uther at 12/30/2008 17:10

PS3 is evil! Here is the proof!

CrocBox at 12/30/2008 17:10

Hmm... That's bad.

The-Excel at 12/30/2008 17:14

I want to go to the C3 but it costs like 80 Euro to get in.

superezekiel at 12/30/2008 17:28

the CHAOS COMMUNICATION CONGRESS.

after that, the matter will be taken to the UNHOLY HELLHOUNDS HOUSE OF REPRESENTATIVES.

Holyetheline at 12/30/2008 17:37

Wow this is impressive.

Coldbrand at 12/30/2008 17:53

Maybe if the ps3 had more games they wouldn't have to resort to things like this to fill the void.

Timmeh at 12/30/2008 17:58

@Cartman - More common than you might think: Here's what Wikipedia has.

Not all 'hacking' is done with the goal of 'stickin' it to the man' or stealing your mother's credit card details, the computer security industry actually learns a lot by working with hackers at events like these.

Mushman at 12/30/2008 18:14

Wow, impessive

Mabui at 12/30/2008 18:35

This could be good news for Sony - with the sale of 200 PS3's to every hacker, thief, or Otaku's.

sleepingagain at 12/30/2008 18:39

that is fucking epic....

Crackpot360 at 12/30/2008 18:51

Make it 300 PS3's and tonight we will all dine in hell.

The-Excel at 12/30/2008 18:55

@Crackpot360:
If such a cluster of PS3s were to exist (heaven forbid), that may actually be a reality.

CharleyTony at 12/30/2008 19:03

this hacking feature should have been removed instead of the ps2 BC

Crumpet Lips at 12/30/2008 19:12

That is really really bad. Hopefully that exploit is patched up sooner than later. I can't begin to imagine how much havoc that would wreak over the internet from people/organizations that can afford 200 PS3's and build an array like that.

teach4food at 12/30/2008 19:43

So that was what my PS3 was doing when I first hooked it up. Making Sony more money by creating Phishing sites. It does explain the constant delays and redundant menu commands.

brainderailment at 12/30/2008 20:29

20111904 Skynet

MotoRobo at 12/30/2008 22:00

Remember when PS2s weren't allowed in Thailand b/c of potential military application? How long 'til our oppressors get it into their heads to require licenses for console ownership? How many generations until our descendants consider unlicensed console-owners untrustworthy and indecent, like an unlicensed surgeon?

carpwrist at 12/31/2008 08:51

@MotoRobo, oh yea, I remember that. There was an article about the PS2 before it came out in EGM that said the PS2 had the capability of launching missiles.
Israel thought it was the Hamas the whole time, we should have been keeping an eye on Sony since 9-11...

Drach at 12/31/2008 10:36

The PS3 is not EVIL. The people who own those particular PS3's are showing us what Evil they could be made to do. Know the difference.

Kneel Before the almighty PlayStation Army! All your Credit card information and private log in information are BELONG TO US.

liqideos at 12/31/2008 22:26

Imagine the possibilities if it just had a regular influx of compelling software.

Roryzilla at 01/01/2009 18:15

Haha. Take that Verisign, you're entire setup is a joke.

Returning Dtoiders: login now to post a comment

Destructoid is an open discussion community. You don't need to "audition" to post a comment - just Create an avatar now - it's fast and free: PLUS you also get your own gaming blog and begin posting stories and uploading videos in our open community area that may also appear on our home page. Sign up and we'll guide you through it, it's easy and 100% anonymous.

Original Videos

SGC 09: Jack Thompson keeps his clothes on

Reviews
	Mad Dog McCree Gunslinger Pack

	Overlord II

	Yosumin Live!

	Let's Tap

	Ghostbusters: The Video Game (Wii)

View all Game Reviews

Community blogs - 39767 Dtoiders!
This month's theme: Untapped Potential




New to Dtoid? Read the survival guide

Originals

The best and worst '4th' videogames EVER!
Retroforce Recap: so what about those dirty games, now?

Exclusive: Unbound Saga comic book pin-up artwork

Check out Into the Night with Chris Crawford & Jason Rohrer

The best videogames of 2009 ... so far

Destructoid interview: StarCraft II's Dustin Browder

Videogame characters that I would have sex with

Top ten Jeff Goldblum games (because I think he is dead)

My Father the Phone: A tribute to Ness's dad

A difficult subject

more original Destructoid stories

Popular now

more

GameStop bundling rubber duckies with Wiis ... WHAT?!

This looks amazing: New Shatter gameplay

Review: Overlord II

Ratchet & Clank: A Crack in Time gets pre-order incentives

Steam madness: 20 games from 2K for a cool $54

Rev Rant: Metroidvanias

Exclusive: Unbound Saga comic book pin-up artwork

The Daily Hotness: Punch a shark!

Battlefield 1943 hitting LIVE and PSN on July 8th and 9th

Friday.Night.Fights is live! Compete to win a Cyberpower PC

Destructoid is:
	Nick Chester Editor-in-Chief		Jim Sterling Reviews Editor
	Dale North News Editor		Hamza Aziz Community Manager
	Anthony Burch Features Editor		Rey Gutierrez Video editor & director
	Niero Founder, publisher	Letters to the editors tips@destructoid.com
Associate Editors
	Ashley Davis		Jonathan Holmes
	Brad Nicholson		Jonathan Ross
	Brad Rice		Jordan Devore
	Chad Concelmo		Matthew Razak
	Colette Bennett		Tom Fronczak
	Conrad Zimmerman		Topher Cantler
	Dyson		Samit Sarkar

Contributors
Adam Dork Ben Perlee Daniel Lingen Joseph Leray	Joe Burling Mikey Will Maddock Stella Wong