Hasta La Gadget!

Microsoft has issued a statement confirming that some of its “high-profile” Xbox LIVE accounts that are said to belong to both former and current employees have been hacked, reports the folks over at ars technica, which was cyberattacked yesterday by the same hacking group. Known as Team Hype, the hackers are suspected to have caused a host of grief, including having possibly caused a police raid on Brian Krebs, a security reporter.

Said Microsoft to ars technica: “We are aware that a group of attackers are using several stringed social engineering techniques to compromise the accounts of a handful of high-profile Xbox LIVE accounts held by current and former Microsoft employees. We are actively working with law enforcement and other affected companies to disable this current method of attack and prevent its further use.”

In addition, Team Hype is said to use stolen Social Security numbers and credit information to take over Xbox LIVE accounts, according to Krebs, who has also linked one of the hackers with ordering DoS attacks on both his own and ars technica’s websites. The hackers made public videos of them holding account hijacking sessions, with some of those hijacked accounts then being sold to LIVE users.

Earlier today, Microsoft also confirmed that Xbox LIVE users who had used the Xbox Entertainment Award app were compromised, with the Entertainment website having displayed approximately 3,000 instances of gamertags and private information, such as addresses and names. As a result, Microsoft has temporarily pulled the app while it sorts out the issue, directing concerned customers to its Xbox Security Web page.

[via ars technica]

Microsoft confirms LIVE accounts hacked, pulls Xbox Entertainment Award app is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

We don’t know if Stepto has been hacked again. This is just an example image of a “high profile” account.

South Korea isn’t the only place to see some hacking activity occur today as Microsoft has been the victim of a number of “high profile” accounts get hacked.

“A handful of high-profile Xbox LIVE accounts held by current and former Microsoft employees” have in fact been compromised, said Microsoft in a statement to The Verge. The method used to acquire access to these accounts reportedly utilized the employee’s social security numbers along with some social engineering, which we assume means using pictures of the meals they are about to eat during their travels. Microsoft denies the SSNs were obtained from their connected Xbox Live account, instead pointing blame at a third party for the leaked SSNs.

Microsoft says they’re working with both “law enforcement and other affected companies” in order to hopefully close the hole this hack uncovered. At this time no one knows who exactly carried out these attacks on the high profile Xbox Live accounts, although ultimately we’re sure you’re glad you probably don’t consider yourself a high profile person. And if you are, well, we think you might want to keep an eye on your Xbox Live account for a couple of days.

By Ubergizmo. Related articles: Stinky Footboard: A PC Gaming Accessory In The Right Direction?, SimCity 1.7 Update Helps Fix Traffic Congestion,

Andrew Auernheimer, or better known as his internet pseudonym “weev”, has been sentence to 41 months in federal prison for obtaining the personal data of over 100,000 AT&T iPad owners on AT&T’s website. Auernheimer exploited a security flaw in AT&T’s iPad registration system that allowed him to download contact information of these iPad owners. The court case goes back a couple years ago.

Auernheimer was found guilty back in November in a federal court in New Jersey. He was found guilty on one count of identity fraud and one count of conspiracy to access a computer without authorization. Auernheimer and a colleague worked together to exploit the security flaw, both of whom will be punished and will be ordered to pay AT&T a collective $73,000 for damages.

The case has been a controversial one, and this is just one out of many highly-criticized cases of security researchers who have been charged with computer crimes thanks to the Computer Fraud and Abuse Act. Meanwhile, activists are calling for reform of the law to distinct between criminal hacking and simple unauthorized access, which would protect security researchers whose activities are not meant to be criminal.

Obviously, Auernheimer will appeal the court’s decision, but apparently he doesn’t regret his actions regarding the AT&T security flaw, and says (in a Reddit AmA) that he was just “being nice enough to give AT&T a chance to patch” the vulnerability before the data set got leaked, but that he “won’t be as nice next time.”

[via Ars Technica]

AT&T iPad hacker sentenced to 41 months in prison is written by Craig Lloyd & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

If that $3 million credit-card stealing scam that hit Subway in 2011 didn’t convince you to stop using your credit card there (or stop going all together), you might want to consider it again. Recently released documents show that another pair of ne’er-do-wells are accused of running a similar scam on the restaurant for an additional $40,000. In gift cards. More »

Matthew Keys, one of Reuters News’ top social media managers, is facing potentially serious prison time after federal accusations that he’s a member of Anonymous. According to the DOJ, Keys tried to help hackers deface Tribune Company news sites. More »