Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: [News] Microsoft Confirms Xbox Live Accounts Are Being Stolen

Roy Schestowitz wrote:

> __/ [ Roy Schestowitz ] on Wednesday 21 March 2007 12:28 \__
> 
>> __/ [ Roy Schestowitz ] on Sunday 18 March 2007 17:13 \__
>> 
>>> [Full-disclosure] Xbox live accounts are being stolen
>>> 
>>> ,----[ Quote ]
>>> | I just got off the phone with a Microsoft Tech for Xbox live that has
>>> | confirmed this to with me and they have stated that accounts are
>>> | being stolen and that "Hackers have control of Xbox live and there is
>>> | nothing we can do about it"
>>> `----
>>> 
>>>
http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/053032.html
>> 
>> Someone/s said that it's not a reliable source. But now ZDNet appears to
>> be covering it, which gives this credibility.
>  
> Update: Microsoft began investigating. Some sources say that Microsoft
> denies while another source says that they blame 'social engineering'. Of
> course, the latter is an excuse, not an explanation. If true, it means
> they did not type down or draw a model of security. Very typical and
> similar to Windows, which was built progressively and then given Web
> access as an 'umbilical cord', rather than be designed properly from the
> ground up.
> 

Social Engineering - Collection of techniques used to manipulate people into
performing actions or divulging confidential information. Typically applied
to describe people being tricked into performing an action or divulging
information.

>From the reports of this situation so far 'Social Engineering' might be the
right title.

The most reliable I have seen is the BBC report where a security researcher
experienced it first hand. The report, at the moment, is that the IDs are
not actually being stolen at all, but given away by support employees. But
side by side with this are some users trying to use the chat system to draw
information from other users (presumably posing as support or something in
those lines).

So at the moment there is nothing to suggest that the actual Live sites have
been hacked. Though they are some wild jerno type texts suggesting all
kinds of rediculous stories, but these are stories with no meat on the
bones.



[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index