Share

Related Links

  • Xbox Live
  • Reed Exhibitions Ltd is not responsible for the content of external websites.

Related Stories

  • Comodo admits two more Registration Authorities hacked
    US digital certificate authority Comodo has admitted that two more of its Registration Authorities (RAs) have been hacked. The hacks appear to be separate from the so-called Iranian lone hacker incident earlier in the month when at least five accounts were compromised.
  • Australian PM's emails hacked
    The Australian Security Intelligence Organisation (ASIO) – the equivalent of the UK's MI5 operation – is investigating a major hack of the government's email systems down under.
  • Have cybercriminals hacked Visa/Mastercard 3-D Secure?
    You're probably familiar with the 3-D Secure system of card security for online transactions - aka Verified by Visa (for Visa) and SecureCode (for MasterCard) - but now a security researcher is reporting that cybercriminals may have found a way around the online transaction security.
  • Exxon, Shell, BP hacked in Night Dragon attacks
    Exxon Mobil, Royal Dutch Shell and BP were among the oil companies targeted by hackers working through internet servers in China, say US reports.
  • Facebook founder's fan page hacked – or was it?
    In a supremely ironic situation, especially given the recent furor over the social networking site's privacy rules, it looks as though Facebook founder Mark Zuckerberg's fan page on the portal was 'hacked' yesterday evening.

Top 5 Stories

News

Xbox Live policy director's account hacked

05 April 2011

An upset Xbox gamer has publicly hacked the Xbox Live policy and enforcement director's online account, posting a YouTube video and claiming that the use of foreign customer support centres means that almost anyone's Xbox account can be hacked.

The video, which Infosecurity notes is both rambling and racist, asserts that, because of language issues, it is possible to use social engineering techniques to extract account passwords from overburdened support staff in India.

Stephen Toulouse, Xbox Live's policy director, has confirmed his account was hacked on Twitter. Unconfirmed reports suggest that Xbox has started a top-level enquiry into the issue and is working with law enforcement officials.

The hacker - calling himself Predator - claims he was upset with Toulouse for repeatedly banning him from the online service and has started offering to hack other Xbox accounts for $250.00

The Softpedia newswire says that Predator's modus operandi appears to be social engineering and that the attach methodology should not - in theory at least - be successful.

This is because, says the newswire, "large domain registrars have security checks in place for procedures that deal with changing ownership or recovering control of a domain."

"However, it only takes one poorly trained employee for this system to break down. For example, Baidu, the company operating the largest Chinese search engine, sued Register.com for gross negligence after one of its staff handed over control of Baidu.com to a hacker", the newswire notes.

"The attacker failed to produce valid answers for the identity verification checks and used a suspiciously named @yahoo.com email address as new contract for the domain, something that should immediately have triggered red flags", the newswire adds.

According to the UberGizmo portal, meanwhile, Predator appears to have not only hacked the Xbox account of the Xbox policy director, but also taken control of his Stepto.com domain from Network Solutions, his hosting provider.

This article is featured in:
Application Security  •  Data Loss  •  Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×