Share

Related Links

  • Xbox Live
  • Reed Exhibitions Ltd is not responsible for the content of external websites.

Top 5 Stories

News

Xbox Live policy director's account hacked

05 April 2011

An upset Xbox gamer has publicly hacked the Xbox Live policy and enforcement director's online account, posting a YouTube video and claiming that the use of foreign customer support centres means that almost anyone's Xbox account can be hacked.

The video, which Infosecurity notes is both rambling and racist, asserts that, because of language issues, it is possible to use social engineering techniques to extract account passwords from overburdened support staff in India.

Stephen Toulouse, Xbox Live's policy director, has confirmed his account was hacked on Twitter. Unconfirmed reports suggest that Xbox has started a top-level enquiry into the issue and is working with law enforcement officials.

The hacker - calling himself Predator - claims he was upset with Toulouse for repeatedly banning him from the online service and has started offering to hack other Xbox accounts for $250.00

The Softpedia newswire says that Predator's modus operandi appears to be social engineering and that the attach methodology should not - in theory at least - be successful.

This is because, says the newswire, "large domain registrars have security checks in place for procedures that deal with changing ownership or recovering control of a domain."

"However, it only takes one poorly trained employee for this system to break down. For example, Baidu, the company operating the largest Chinese search engine, sued Register.com for gross negligence after one of its staff handed over control of Baidu.com to a hacker", the newswire notes.

"The attacker failed to produce valid answers for the identity verification checks and used a suspiciously named @yahoo.com email address as new contract for the domain, something that should immediately have triggered red flags", the newswire adds.

According to the UberGizmo portal, meanwhile, Predator appears to have not only hacked the Xbox account of the Xbox policy director, but also taken control of his Stepto.com domain from Network Solutions, his hosting provider.

This article is featured in:
Application Security  •  Data Loss  •  Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×