PSU security upgrades and Firefox 3 issue

  • Posted July 21st, 2008 at 06:58 EDT by PSU Staff
  • 5,730 views
  • 36 Comments

Hi PSU Readers,

On Friday last week PSU.com was compromised by a hacker who installed some bad software on our server. As soon as we were altered, we immediately traced how they got in and closed the security hole. We then changed passwords, reinstalled the OS and performed a full code audit to prevent it happening again. The site is now fully clean and running as it should be.

Unfortunately during this time, the website was anonymously reported to stopbadware.org and Google, who placed a warning notice on PSU.com that visitors using Firefox 3 are forced to see before they can reach the website (as well as a label next to our site in the search results).

In order to resolve this we have sent a request to both StopBadware.org and Google.com and we have been confirmed to be in the queue awaiting review.  They have checked out the site themselves and have confirmed the issues are gone. We do not know, however, how long it will take before they can lift this label, but hopefully it will be soon.

As regular visitors will know we work really hard here (see Dave's non-stop live blogging during E3) and it's a great shame that as a legitimate site we were penalized like this even after resolving the issues immediately.

We would like to extend our sincere apologies to anyone inconvenienced by this. We'd also like to reassure everyone that we are now devoting even more resources to anti-hack measures, so you can feel confident you are browsing a trustworthy, secure website.

Thank you for your understanding.

Best regards,

Seb, Kieran and the whole PSU team.

Advertisement

Comments

Comment

What are your thoughts?

  1. bloodwarg | bloodwarg

    • 7:07am BST - July 21st, 2008
    • 1

    yer i got threat messages i just healed or moved to vault and destroyed. also as programmer i thought id see were coming from so i sent the same virus back to orignal guys computer. lol just joking glad u fixed tho cus it has happened before

  2. Smith128 | smith128

    • 7:11am BST - July 21st, 2008
    • 2

    I just recieved an alert from adaware when trying to access the site the other day but Im glad everythings back to normal now because this is a great site!

  3. Triple Dk | TripleDk

    • 7:37am BST - July 21st, 2008
    • 3

    Stupid hackers... stick to your PSPs!

  4. Odium_Generis_Humani

    • 7:50am BST - July 21st, 2008
    • 4

    Funny you mention that about PSP's. I didn't realixe support for it stopped because of hackers. That sucks. I'm not a hacker and I love my PSP. As far as I'm concerned, hackers stole my $170 that I paid for my PSP.

  5. jimmy303

    • 7:51am BST - July 21st, 2008
    • 5

    "Unfortunately during this time, the website was anonymously reported to stopbadware.org and Google, who placed a warning notice on PSU.com that visitors using Firefox 3 are forced to see before they can reach the website" -

    well actually you cant wiev this page at all with FF the alert message popps up everywhere

  6. BlueRevolvuR | BlueRevolvuR

    • 8:31am BST - July 21st, 2008
    • 6

    yay! psu's bak! isnt it ironic this took place around E3 time?

  7. keller | Kellster

    • 8:38am BST - July 21st, 2008
    • 7

    At lease you had the decency to let us know this time, because this isn't the first time it has happened.

  8. killercop | killercop

    • 9:03am BST - July 21st, 2008
    • 8

    I got the Google warning and later scanned with my Norman Anti-virus and found a trojan. Oh well, I'm one of those who's actually willing to buy anti-virus so it really doesn't matter to me. =)

     

    And I also run Ubuntu on my 2nd harddisk so viruses here have no effect either, muahaahaa!

  9. Viperseven | Viper7

    • 9:16am BST - July 21st, 2008
    • 9

    Doesnt really matter to me since I have been using Ubuntu. The chances of getting something from this site to my computer is slim at best

  10. vax1op369 | VinnyxMac

    • 9:36am BST - July 21st, 2008
    • 10

    It said malious software or something but great job getting it back up love the sight!!!

  11. Yuk-Yuk | Yuk-Yuk

    • 9:51am BST - July 21st, 2008
    • 11

    I got that message when I went here. I just went into my options on FF 3 and disabled it so I can see the site now.

  12. joeyjoejoeshababadoo

    • 9:55am BST - July 21st, 2008
    • 12

    Its not ironic.. Its what happened, You sir need to learn the definition of Irony.

  13. ephracis | ephracis

    • 10:43am BST - July 21st, 2008
    • 13

    3rd Ubuntu. ;) No viruses.

  14. octhug714 | octhug714

    • 11:54am BST - July 21st, 2008
    • 14

    Haha..stupid microsoft!lol

  15. gingo | gingo

    • 11:59am BST - July 21st, 2008
    • 15

    psn id: gingo... yea i saw this and thought WTF but i just turned off the thing that tells you that it is a reported site and it let me in

  16. terminator12259 | tacitassassin25

    • 12:44pm BST - July 21st, 2008
    • 16

    seriously what is the point of hacking psu, some people have no lives what so ever, they should be watching batman tdk, or play their ps3's not wasting their time hacking psu

  17. Babiloo | XavierHarkonnen

    • 1:37pm BST - July 21st, 2008
    • 17

    i just ignored the warnings :P

  18. TRIPLEACE | GODSACE

    • 2:59pm BST - July 21st, 2008
    • 18

    this site  dosen't deserve this crap!

  19. Pudgieluv

    • 3:14pm BST - July 21st, 2008
    • 19

    Probibly Microsoft trying to slow down ps3 es info.

  20. Wise_guy

    • 3:59pm BST - July 21st, 2008
    • 20

    Also running Ubuntu!  Never going back to Windows or any other M$ software for that matter.

  21. G00ber1993

    • 4:51pm BST - July 21st, 2008
    • 21

    no matter what happend i still think this is one of the best and most helpful sites on the web

    and the hacker was probally some dumb a ss no good 360 fan lol

  22. Staticneuron | Staticneuron

    • 7:54pm BST - July 21st, 2008
    • 22

    im back on here.  I have missed thee so.

  23. CrimsonSnake | Otacon_UK

    • 8:30pm BST - July 21st, 2008
    • 23

    The site is back in the green

  24. MartinSWE

    • 9:51pm BST - July 21st, 2008
    • 24

    yay the site workes again.

  25. NoMercy666 | Ask me...

    • 9:59pm BST - July 21st, 2008
    • 25

    Don't worry, you guys did a great job!

  26. electricmine | cookiehour

    • 10:33pm BST - July 21st, 2008
    • 26

    I'm just glad things were fixed. I don't know why this site keeps being attacked like this but it sounds fishy.

  27. jatt4964

    • 3:03am BST - July 22nd, 2008
    • 27

    its fixed :D

  28. jfash007 | jfash007

    • 3:26am BST - July 22nd, 2008
    • 28

    i ignored the warning, just like i ignored xbox s*t 360.

  29. jigglespsu

    • 5:37am BST - July 22nd, 2008
    • 29

    What exactly was the payload? I need to check see if any lingering issues affect my system


  30. yungder | yungder

    • 8:14am BST - July 22nd, 2008
    • 30

    nice to see the site back online and clean...

     

    PSN:  yungder

  31. incredibilistic

    • 10:02am BST - July 22nd, 2008
    • 31

    Good job getting everything up and running so quickly. Good thing too, this is the only site my office hasn't caught onto (most other sites are blocked) so I can still get my PS3 fix when I need it.

  32. xStatiCa

    • 10:21am BST - July 22nd, 2008
    • 32

    To begin with I love the PSU site and visit it daily.  It contains a great source of PS3 information.

    Even legitimate sites can be compromised though and deserve to be shown as a warning if their site is compromised.  How much work is put into a site does not equate to the security level of the site if that is not where the work is spent.  This site was compromised and spreading malware(and who knows what).  Firefox3 alerts us to it so to avoid the site(I run linux but still appreciate the warnings).  So far things worked preciesely how they should.  It might take some time to verify the clean state and hopefully that can improve but the compromise shouldn't of happened to begin with.

    With that aside I am glad the site is verified clean again.  I need my psu injection in the mornings.  Congrats on getting to the bottom of the incedent and cleaning it up.

  33. BlueRevolvuR | BlueRevolvuR

    • 11:40am BST - July 22nd, 2008
    • 33

     for some reason it is still shown as an attacked site on firefox. lukily i'm viewing the site through safari

  34. bucko | BuckoDessie

    • 11:56am BST - July 22nd, 2008
    • 34

    Good job guys PSU.com working perfect in my FF 3.0 now :D..did take a few days, good job just remember to keep backing up your Web Site and MySQL database's these hackers are so annoying, make sure things are up to date to but good work :).

  35. meatee | meateetj

    • 4:30pm BST - July 22nd, 2008
    • 35

    Glad to know everything's back to normal, I've been avoiding the site the last couple days after seeing the alert in Firefox 3. And as of right now, Firefox 3 is no longer popping up an alert.

  36. lforet | RaineKos

    • 6:11pm BST - July 22nd, 2008
    • 36

    Yea... I was wondering what happened. Threat report on PSU!?!?!?! WTF!!! Glad to see it was cleared up

Article navigation

More

eXTReMe Tracker