Potential Xbox Live hacking related to FIFA 12

Discussion in 'Console Industry' started by Scott_Arm, Oct 17, 2011.

  1. Scott_Arm

    Legend

    Joined:
    Jun 16, 2004
    Messages:
    11,732
    Seems there may be some account hacking going on with Xbox Live that would be related to FIFA 12 in some way. If you are playing FIFA 12 on Xbox 360, watch your points carefully. If you have email notifications set up for points purchases through Xbox Live, you may want to keep an eye on that account.

    I saw this was being discussed in the PS3 hack thread after reading this story, but thought I'd start a new one because Xbox Live users may not be looking into that thread.

    http://arstechnica.com/gaming/news/...ues-microsofts-response-becomes-maddening.ars
     
  2. Shifty Geezer

    Shifty Geezer uber-Troll!
    Moderator Legend

    Joined:
    Dec 7, 2004
    Messages:
    35,282
    Location:
    Under my bridge
    By accounts it's not a Live hack, but an EA hack. Edit: That article suggests it's social engineering and not a hack.
     
  3. patsu

    Legend

    Joined:
    Jun 25, 2005
    Messages:
    27,613
    Probably don't have enough info to classify either way. The article doesn't really conclude it's a social engineering attack.
     
  4. Shifty Geezer

    Shifty Geezer uber-Troll!
    Moderator Legend

    Joined:
    Dec 7, 2004
    Messages:
    35,282
    Location:
    Under my bridge
    It doesn't, but it mostly complaining about the time taken by MS to resolve things, while MS and EA are saying they haven't been hacked. Actually EA almost suggests they're getting hacked 'the same amount as FIFA 11'.
     
  5. patsu

    Legend

    Joined:
    Jun 25, 2005
    Messages:
    27,613
    If it's an effective technique, and the hackers' intention is to make money, they will keep quiet and make sure not to trigger any defense as long as possible. Without any trail, it's too early to say what type of hack it is. Surveying the victims (in addition to looking at logs) may help give some hints though.
     
  6. -tkf-

    Legend

    Joined:
    Sep 4, 2002
    Messages:
    5,627
    Xbox Live users suffering hacked accounts

    I read about this in a Danish news paper,

    Xbox Live users suffering hacked accounts

    http://arstechnica.com/gaming/news/...-hacked-accounts-fifa-11-and-12-purchases.ars

    In the danish news paper they are quoting Microsoft Support:

    You will need Google Translate, i think :)
    http://politiken.dk/tjek/digitalt/i...-brugere-faar-stjaalet-penge-fra-deres-konto/

    Brad Grenz may be right

    EDIT: Reading the comments on the different websites that is reporting about this problem does indicate something organized.
    http://forums.xbox.com/xbox_forums/xbox_support/f/27/t/3125.aspx?PageIndex=1
    http://whatthegeek.net/2011/10/05/the-tale-of-a-hacked-xbox-live-account/
    http://gizmodo.com/5849835/xbox-live-users-are-being-hacked-for-virtual-fifa-gear
     
    #6 -tkf-, Oct 19, 2011
    Last edited by a moderator: Oct 19, 2011
  7. AlphaWolf

    AlphaWolf Specious Misanthrope
    Legend

    Joined:
    May 28, 2003
    Messages:
    8,170
    Location:
    Treading Water
    If there is some systemic hack, it's certainly not widespread.

    And MS is still denying that anyone at all has been hacked.
     
  8. -tkf-

    Legend

    Joined:
    Sep 4, 2002
    Messages:
    5,627
    Widespread will always be a question of definition and it´s really not the issue here.

    I usually never read XBOX news in this regard, but your post made me do a little bit of google, and i think it is obvious that something is going on. Maybe it´s just Live that is the target now, maybe it´s the FIFA launch that opened some kind of weakness, maybe it´s the 60.000 accounts that was released by Lulz (http://techmento.com/2011/06/18/xbox-live-hacked-60000-accounts-leaked/#comments) maybe it´s just a bunch of people getting phished.

    And Microsoft is not exactly known to be quick to admit faults or wrong doings so that says nothing about anything really :)
     
  9. dobwal

    Veteran

    Joined:
    Oct 26, 2005
    Messages:
    4,399
    What seems odd is that its just seems all FIFA related with losses coming from purchasing and downloading of the FIFA games and their associated DLC.

    Almost seems like someone is able to spoof other live accounts on EA FIFA servers without actually gaining access to those accounts' passwords.

    Unless there are a segment gamers that want nothing to do with Live merchandise other than FIFA related goods.
     
  10. Silent_Buddha

    Legend

    Joined:
    Mar 13, 2007
    Messages:
    12,893
    If it's only FIFA being affected, then that suggests it likely isn't anything on MS' end otherwise the hacking would be more widespread.

    So it's likely to either be extremely targetted social engineeering/phishing schemes or EA borked something again and opened up a security hole.

    Regards,
    SB
     
  11. Scott_Arm

    Legend

    Joined:
    Jun 16, 2004
    Messages:
    11,732
    You kind of wonder if there's a flaw in the way you purchase DLC for FIFA in-game. Pretty sure you can buy ultimate team packs in-game. If people were hacking Live accounts, you think they'd be buying stuff other than FIFA DLC.
     
  12. AlphaWolf

    AlphaWolf Specious Misanthrope
    Legend

    Joined:
    May 28, 2003
    Messages:
    8,170
    Location:
    Treading Water
    You googled up something that supposedly happened 4 months ago? And are trying to relate it to this issue that seems more EA/FIFA related?

    And a few people on forums aren't exactly a reliable source of information either. I fully expect that many people have had their accounts compromised over the life of xbl, but if this is a major security flaw, the people exploiting it are really really stupid, because all they seem to have managed to annoy a few people.
     
  13. AlphaWolf

    AlphaWolf Specious Misanthrope
    Legend

    Joined:
    May 28, 2003
    Messages:
    8,170
    Location:
    Treading Water
    Maybe it's EA using peoples accounts.
     
  14. dobwal

    Veteran

    Joined:
    Oct 26, 2005
    Messages:
    4,399
    If it social engineering/phishing scheme then why is it affecting (as far as it seems here) one EA franchise. Is it possible someone found a way to spoof EA's FIFA servers?
     
  15. Scott_Arm

    Legend

    Joined:
    Jun 16, 2004
    Messages:
    11,732
    Your EA account gets linked to your gamertag. Maybe there is something "phishy" going on with credentials, so you can buy stuff in-game on someone elses gamertag if you log in with their EA account. The EA account should not have access to your Live account password, so I don't know how that would work.
     
  16. -tkf-

    Legend

    Joined:
    Sep 4, 2002
    Messages:
    5,627
    I googled other stuff, and the list is long but useless in a discussion with you in any case, the link i provided was clearly mentioned as an example/what if in my post. You just ignored that as usual.

    I don´t know why you get so defensive, well i guess i do your blinded by something. But lucky me this thread was to old already since it had already been posted, though with another excuse.

    Request for a lock.
     
  17. Shifty Geezer

    Shifty Geezer uber-Troll!
    Moderator Legend

    Joined:
    Dec 7, 2004
    Messages:
    35,282
    Location:
    Under my bridge
    What's the motivation for the hacking though? To randomly make gamers buy FIFA DLC is perhaps the very definition of random! Just a case of Thrillz?
     
  18. function

    function Wrong thread
    Veteran

    Joined:
    Mar 27, 2003
    Messages:
    4,309
    Maybe someone bought Fifa DLC, felt really bad about themself, then decided they didn't want to feel like that on their own?

    But seriously, this is actually a potential motivator not to buy any EA 360 stuff. Will Mass Effect 3 be open to the same vulnerabilities? I wouldn't like the idea of EA getting access to my Microsoft pass simply through playing one of their games even if EA's networks were secure. I hope MS are using some kind of secure alias or something.
     
  19. mrcorbo

    mrcorbo Foo Fighter
    Veteran

    Joined:
    Dec 8, 2004
    Messages:
    2,226
    It's unfortunate that MS isn't more proactive about communicating about these issues beyond boilerplate press releases. If there is a significant issue, they would do well to inform their customers. If there isn't one, they would do well to have someone made available to answer specific questions with as specific answers as is prudent.
     
  20. bkilian

    Veteran

    Joined:
    Apr 22, 2006
    Messages:
    1,539
    I wondered about the utility too. The only thing I could think of was that when you buy content it's registered to the console and the user account. So it could be used by other users on the same console that bought it.
     

Share This Page

  • About Beyond3D

    Beyond3D has been around for over a decade and prides itself on being the best place on the web for in-depth, technically-driven discussion and analysis of 3D graphics hardware. If you love pixels and transistors, you've come to the right place!

    Beyond3D is proudly published by GPU Tools Ltd.
Loading...