Hackers Targeting Xbox Live

darthcamaro writes "Windows isn't the only piece of Microsoft technology that hackers are attacking anymore. During a presentation at the SecTor security conference in Toronto, a Facetime security researcher revealed numerous methods by which Xbox users are being hacked today. 'Though the Xbox doesn't have the number one market share, it is the top target for hackers,' Boyd said. 'Xbox Live has 17 million plus subscribers, and that service requires payment.'"

Everything is said.

'Though the Xbox doesn't have the number one market share, it is the top target for hackers,

This phrase says everything.

Re:Everything is said.

[megamerican]

'Though the Xbox doesn't have the number one market share, it is the top target for hackers,

This phrase says everything.

It does have the number one market share for paid online subscriptions, which means it'll be a big target for phishers. Xbox live accounts have real value, which means it will be a target for hackers and phishers.

Re:Everything is said.

[DdJ]

Indeed it says a great deal in that the myth that "Microsoft is the number one target because Microsoft is number one" is now shattered with this reported fact/statistic.

This is misleading.

XB360 is not the top console, no. Wii is. But how many of those Wii players network their machines? And how many of those also attach payment information to their machines?

In terms of network accounts with cash flow attached to them (ie. paid subscribers to a network service), Microsoft is number one. There are more paid XBox Live accounts worldwide than there are active "World of Warcraft" accounts! When looked at this way, Nintendo and Sony aren't even close. And so, the priority for hackers makes a great deal of sense.

Re:Everything is said.

[jayme0227]

Actually, this news doesn't shatter the theory. Basically it reaffirms it. XBox Live is the #1 for-pay console network, hence it is the biggest target.

Top target?

[6031769]

Though the Xbox doesn't have the number one market share, it is the top target for hackers

But MS have been telling us for decades that the reason so many viruses are written to target Windows is that it is the number one OS in market share. So that quote from the summary can't be right.

Can it?

Re:Top target?

[VisiX]

RTFA, there is no hacking being done. It's all DoS attacks, social engineering, and phishing scams. These methods are all independent of the hardware and in most cases the services being offered.

Also, while the xbox may not have the largest marketshare I would argue that it is very likely to have the largest and most active online community. The article is about "hacking" account information, not the hardware or software itself.

SOCIAL ENGINEERING IS NOT HACKING

[Com2Kid]

The "researcher" who is quoted in this article comes off like a moron.

He complains that there is no way to hide one's gamerscore. NO SHIT. It is called social networking. GAMERSCORE = (imagined) PENILE LENGTH INCREASE. You don't farking hide it, the entire point is to show it off.

Next up, sending someone a message "g1ve me urz PW and I'll givez you 1,000,000 gamerscores!!" is not hacking. It is exploiting people's greed. There is a big difference.

Likewise wussies DOS'ing a game server to get back at the people who kicked their wimpy arse is also not new, it happens WAY more often in PC games, since the majority of PC games have dedicated servers whereas only a few (but popular) Xbox 360 titles use dedicated servers.

In summary, these are not "hackers targetting Xbox Live". 99% of them don't even rank as script kiddies.

s/Hackers/Phishers/g would be a good start..

[bmajik]

if you RTFA, what you basically see is this
- Xbox LIVE accounts are worth something, and often have CC info embedded in them
- all of the techniques are for getting control of an XBOX live account or DOSing an XBOX live user
- all of the non-DOS techniques are SOCIAL engineering "attacks"

The XBOX Live network is actually pretty solid, with IPsec between endpoints and servers. The successful "attacks" at the network layer are essentially ping-floods or traffic stoppages [i.e. the Halo bugs where you could turn off your cable modem and thus disconnect without killing your ELO ranking].

Finally, regarding the point about market share / attractiveness to hackers: this is stupid.

XBOX Live has more paying customers than any other console gaming network. Looking at # of consoles sold is not the same thing as attractiveness for phishers/scammers.

So, Mod the Article (-1: Epic Fail)

Re:Phishing, not Hacking

[ZekoMal]

It sounds like the people who complain that they were "hacked" on MMORPGs, when in reality they were just "stupid". So many people say "hacker" when they really mean "some guy asked for my password for a 5 billion gold trade and then logged into my account and emptied it out".

It just sounds better to be "hacked" because hacking implies that it was entirely out of your control. There is some poetic justice to the Xbox fanbois being attacked based on how "good" (read: how much time spent) they are at a game. The better you are, the more time you waste, the more likely you are to be attacked. Casual gamers, I suppose, are safer by default. Irony, maybe?

Over rated sensationalism

[dave562]

Despite what the article might lead one to believe, the Xbox hardware isn't being hacked. User accounts are being compromised. The accounts aren't be compromised due to weakness in the software, authentication mechanisms, or by virii/malware. They are being compromised by social engineering and phishing. The only slightly disturbing subject mentioned involves introducing latency into game connections by way of DoS attacks and botnets. That sucks for people who play the games, but that isn't a weakness limited to the Xbox. Any internet connected device is susceptible to DoS attacks in some way.

Re:Happened to me

[radish]

And if you have my Amazon password you can order real stuff with my CC, and if you have my banking CC you can steal all my money. That's why we protect our passwords children :)