Skip to content

Are XboxLive accounts hackable?

March 18, 2007

There have been rumours about this for quite some time, but it’s getting traction now. Here’s what a quick search resulted in this morning:

2006-09-09:

Okay so I’ve had my xbox live account hacked several times, all I know is you need to be monitoring the incoming IP’s to get there IP then I have no clue.

2007-03-11:

My game tag was stolen and $80+ was used to by MS points. [—] Also I am finding out that I am not the only that this has happend to…=(

2007-03-13

I power off my console to power it back on, and then to find out that it says that my acct was recovered onto another console. [—] my Microsoft Points is now down to 310 from 1,000 something, and they purchased 500 more points on my card

2007-03-17

He blatantly says he can steal any account on your xbox with just your IP address

2007-03-17

I just got off the phone with a Microsoft Tech for Xbox live that has confirmed this to with me and they have stated that accounts are being stolen and that “Hackers have control of Xbox live and there is nothing we can do about it”

My best guess based on the above quotes would be that it requires the victim to be logged in, and that the hacker then performs an IP-spoofed account recovery request – but it would imply extremely bad security on Microsoft’s part.

That would be … unheard of …

One Comment leave one →
  1. Troed permalink
    March 20, 2007 20:31

    This has now been posted on Bugtraq as well:

    http://www.securityfocus.com/archive/1/463299/30/0/threaded

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s