LulzSec intercepts Nintendo configuration file, but keeps attention focused on Sony

The hacking group LulzSec has said it has a configuration file for one of Nintendo's US servers but is not planning to do anything with it.

Following its hacking of Sony Pictures, Infragard, PBS and Unveillance, LulzSec turned its attention to Nintendo despite saying on Twitter that it loved the Japanese games company and that it would hack ‘for' them.

It said: “Nintendo, we just got a config file and made it clear that we didn't mean any harm. Nintendo had already fixed it anyway. Nintendo previously said that a server of one of its affiliates in the US was attacked by the group some weeks ago but no consumer data or company information has been lost.

Graham Cluley, senior technology consultant at Sophos, said: “LulzSec is playing a dangerous game. As it continues to gain public attention through high profile hacks it is surely at risk of being investigated by the computer crime authorities.

“It seems to me that no-one should be complacent about their web security. Whether a hacking group has an axe to grind against your company, or a criminal gang is hellbent on stealing information about your customers, you had better ensure that you have proper web security in place and your sites are well defended.”

Yuval Ben-Itzhak, chief technology officer at AVG, said: “Companies with large amounts of sensitive customer information, especially those like Nintendo who are intending to process customer transactions online, should have cyber security as their number one priority.

“It has also become evident from this attack that hacking is beginning to become a glamorous, almost mainstream activity. LulzSec's claiming of the attack via Twitter demonstrates that social media is giving fringe activities a voice, and we may see an increasing amount of these ‘hacks for fame' in the coming months.”

Catalin Cosoi, head of the online threats lab at BitDefender, said: “I guess we can detect a pattern here in ripping off significant amounts of sensitive information from not-very-secure servers. This type of organisation, which stores and processes such data, is definitely a desirable target as we're talking about hundreds of millions of users around the globe.

“Actually, the gaming industry has been a favourite target for malware writers for several years now. However, the most important aspect in these two attacks is not the motivation of financial gain, according to the hackers it is about making a statement and proving that network security should be a serious business.

“I'm ready to bet we will hear more about similar incidents in the months to come. Chances are that users' interest in purchasing goods and services from companies not able to secure their data will drastically decline.”


Sign up to our newsletters