[WASC-WHID] WHID 2011-62: Another Xbox Live director hacked!

WASC Web Hacking Incidents Database wasc-whid at lists.webappsec.org
Mon Apr 25 09:13:53 EDT 2011


*Entry Title: *WHID 2011-62: Another Xbox Live director hacked!
*WHID ID: *2011-62
*Date Occurred: *April 6, 2011
*Attack Method: *Social Engineering
*Application Weakness: *Insufficient Process Validation
*Outcome: *Account Takeover
*Attacked Entity Field: *Entertainment
*Attacked Entity Geography: *
*Incident Description: *A hacker known as “Predator” has been able to phish
information from Xbox Live’s Director of Policy and Enforcement, Stephen
Toulouse (aka “Stepto”), gaining email and address information via his
personal website server and was then able to alter the Chief’s details
online.
*Mass Attack: *No
*Reference: *http://blog.gadgethelpline.com/xbox-live-director-hacked/
*Attack Source Geography:*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/wasc-whid_lists.webappsec.org/attachments/20110425/8c6d9da2/attachment-0003.html>


More information about the wasc-whid mailing list