Feeds

Attacker grabs gaming tag of Xbox Live policy director

'Predator' reveals own IM list, Facebook account, on YouTube boastvid

The Power of One eBook: Top reasons to choose HP BladeSystem

NSFW link Microsoft's director of policy and enforcement for Xbox LIVE has had his Xbox account hijacked by a disgruntled gamer using a social engineering attack on his domain name registrar, Network Solutions.

Stephen Toulouse, who goes by the screen name “Stepto” and owns the domain stepto.com, also lost his email and web hosting accounts.

He tweeted yesterday: "Sigh. please be warned. Network solutions has apparently transferred control of Stepto.com to an attacker and will not let me recover it."

Somebody claiming to be the attacker has uploaded a video to YouTube showing him clicking around Toulouse's Xbox account, while breathlessly describing how he "socialed his hosting company".

The domain and account have since been returned to Toulouse's control.

Toulouse was head of communications for the Microsoft Security Response Center for many years, handling PR during worm outbreaks such as Blaster and Sasser.

Now at Xbox LIVE, Toulouse is, as the attacker put it: "the guy who's supposed to be keeping us safe". He's responsible for enforcing the policies that ban persistent cheats.

Social engineering attacks against domain name registrars exploit human, rather than technological, vulnerabilities. Attackers call up tech support and try to convince them that they are their target.

In this case, hijacking Toulouse's domain name seems to have been a means to control his email account, enabling the attacker to reset Toulouse's Xbox LIVE password and take over his "gamer tag".

The same technique was used to compromise the Chinese portal Baidu.com, that time via Register.com, in late 2009. That resulted in a lawsuit, which was settled for an undisclosed sum last year.

The attacker, calling himself Predator, was apparently annoyed that Toulouse had "console banned" him over 35 times. He said he'd compromised accounts in the past, and offered to do so again for $250.

He seems to have left a fair bit of evidence in his wake. The video shows his instant messaging contact lists and some Facebook information. Commenters have already posted his purported home address.

The video, which shows the immediate aftermath of the attack, can be viewed here. It may not be entirely safe for work, due to some racist language. ®

This story was first published at Domain Incite.

Designing a Defense for Mobile Applications

More from The Register

next story
DARPA-derived secure microkernel goes open source tomorrow
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.