Windows Live login suggested as Xbox Live security flaw
AH suspects that the hackers grab gamertags from a game of Halo or Call of Duty, then Google the tags to find associated emails on social networking sites. They now have a potential list of Windows Live IDs. Going to Xbox.com, the hacker can now test if the email is a valid ID by attempting to sign in. An error message of "account is invalid" has them moving on to another email; "password is incorrect" means they've got a real account, but a bad password.
Now, according to the theory, the hackers start batch running potential passwords: "Xbox allows you to enter your password incorrectly 8 times on the website, then it asks for a CAPTCHA code. When hackers get to that CAPTCHA code, there is a link for "try with another Live ID." Clicking this link resets the CAPTCHA code and hackers can continue to force their way in 8 more times before they need to click the link again. This process can easily be automated by a skilled hacker."
Of course, once they are in, the hacker has access to all your account details and associated credit cards, PayPal and Microsoft Points.
Mircrosoft told us recently that the Windows Live ID has not been compromised and the FIFA hack, along with other similar incidents, are cases of social engineering or phishing. We continue to recommend changing -- and not publicly posting -- account details.
Posted:
Source: http://www.joystiq.com/2012/01/13/windows-live-login-suggested-as-xbox-live-security-flaw/#
Related Articles
Comments
Bosox3333Posted:
This happened to me -_-..... microsoft came to a resolution fast and sent me my points back it wasnt fun at all. Beware if you have a credit card on your account because you will have a very large credit card bill.
-TRiiXxy-Posted:
-Temphaa I think the hacker would be there for a few years only generating 8 passwords at a time.no it could take them a few hours if they knew how to code it would be all sped up using an automated system... you dont think someone would sit there and type 8 p.ws at a time do you?? :facepalm:
Pherry_CopperPosted:
It's not Windows Live that has been compromised. It's EA's login servers that have been compromised...I found this out awhile back when my brother and friend got hacked. They didn't post any information, didn't get phished by sites, nothing like that.
They both had the same password for their EA account. That's why they got hacked. So think about it...if a hacker is snooping in EA's login servers. They can pull all the emails and all the passwords from it. Then just try them out on xbox.com to see if it's the same thing. If it is...they will hop on FIFA with your account and use your credit card to buy microsoft points to buy gold packs and then trade them to another account.
And I guarantee this is what has been happening to people...because my brother and friend both confirmed that they used their same password for live on their EA account.
EA needs to increase their security. Nuff said.
Also...remember when some of EA's old servers got hacked awhile back? Don't you think the people that hacked them the first time wouldn't go back for the newer servers?
They both had the same password for their EA account. That's why they got hacked. So think about it...if a hacker is snooping in EA's login servers. They can pull all the emails and all the passwords from it. Then just try them out on xbox.com to see if it's the same thing. If it is...they will hop on FIFA with your account and use your credit card to buy microsoft points to buy gold packs and then trade them to another account.
And I guarantee this is what has been happening to people...because my brother and friend both confirmed that they used their same password for live on their EA account.
EA needs to increase their security. Nuff said.
Also...remember when some of EA's old servers got hacked awhile back? Don't you think the people that hacked them the first time wouldn't go back for the newer servers?
iLaYouTxPosted:
They shut down the servers for passwordsecured accounts.. i dont know why, but yeah I cant play now q.q
bhalla9Posted:
I think that happened to me because the last thing it say I have played was FIFA 0___o
CombustPosted:
I think the hacker would be there for a few years only generating 8 passwords at a time.
thePiManxPosted:
it's probably that.
BUT it's mostly like this.
http://www.thetechgame.com/Forums/t=914292/cod4cod6system-link-works-online-proof-pm-me.html
this suspended account was asking your for your password and email to do a system link hack/mod for your CoD game.
your and idiot if you give anyone your email and password! and your deserve whats coming to you!
BUT it's mostly like this.
http://www.thetechgame.com/Forums/t=914292/cod4cod6system-link-works-online-proof-pm-me.html
this suspended account was asking your for your password and email to do a system link hack/mod for your CoD game.
your and idiot if you give anyone your email and password! and your deserve whats coming to you!
Latest Downloads
- 01. Deadly Creatures | Complete Savegame(0)
- 02. Driift Mania | 100% Savegame(0)
- 03. LostWinds: Winter of the Melodias | 100% Savegame(0)
- 04. Lost Winds | 100% Savegame(0)
- 05. Mega Man 10 | Savegame(0)
- 06. Mega Man 9 | Savegame(0)
- 07. LASTFIGHT Secret character unlocked(1)
- 08. PC Horizon Forbidden West Complete Save(12)
- 09. Castlevania: The Adventure ReBirth | 100% Savegame(0)
- 10. ExciteBike World Challenge | Savegame(0)
- 11. World of Goo | 100% Savegame(0)
- 12. La Torre de las Sombras | 100% Savegame(0)
- 13. Beat the Beat: Rhythm Paradise | Savegame(0)
- 14. The Legend of Zelda: Skyward Sword | Savegame(3)
- 15. [US] Kingdom New Lands _ Crowned - CUSA10970(4)
Latest Tutorials
- 01. The Redress Of Mira 100% Walkthrough | Trophy & Achievement(367)
- 02. Russian Pinocchio Quick Trophy Guide(437)
- 03. Venatrix Quick Trophy & Achievement Guide(397)
- 04. Call of the Sea 100% Platinum Walkthrough(577)
- 05. Wire Lips 100% Platinum Walkthrough(486)
- 06. The Expanse 100% Platinum Walkthrough | Trophy & Achievement(487)
- 07. Doctor Who: The Edge of Reality - PS4 Platinum P/Thru(415)
- 08. Doctor Who:The Lonely Assassins - 100% Guide(369)
- 09. DAYMARE 1998 PS4 - Full game 100% TROPHY WALKTHROUGH(343)
- 10. Stray Platinum Walkthrough | Trophy & Achievement Guide(377)
- 11. Raji: An Ancient Epic | Complete Gameplay Walkthrough(464)
- 12. Corpse Killer: 25th Anniversary Edition - Longplay(446)
- 13. Song of Horror: Complete Edition Gameplay Walkthrough(335)
- 14. Remoteness 100% All Trophies Walkthrough(411)
- 15. Detective Inspector Mysterious Clues Platinum Walkthrough(411)
"Windows Live login suggested as Xbox Live security flaw" :: Login/Create an Account :: 26 comments