Xbox Live hacked? 48 million passwords in the wild

Discussion in 'GBAtemp & Scene News' started by Costello, May 24, 2013.

  1. Costello
    OP

    Costello Headmaster

    Administrator
    12,440
    5,770
    Oct 24, 2002
    Some internet black-hat hacker, already responsible for hacking CNN's website a few days ago, claims to have "brutally owned" Microsoft's Xbox Live. Oddly enough, he states that user passwords were stored in plain text.
    download.jpg
    Read the NFO by opening the spoiler:
    Warning: Spoilers inside!
    UPDATE: Microsoft released a statement denying that any hack ever took place. Who is telling the truth? If you find your account & password in the databases released by the hacker, please make sure to let us know.

    -> Read the original article at Consolecrunch
    -> A sample of leaked passwords on Pastebin
    -> Full leaked database at Bayfiles (link dead?)
     
    kehkou likes this.
  2. Cartmanuk

    Cartmanuk GBAtemp Advanced Fan

    Member
    707
    106
    Nov 20, 2010
    Well with this hack changing your password not gonna help much.

    Nice work though!
     
  3. FAST6191

    FAST6191 Techromancer

    pip Reporter
    23,696
    9,565
    Nov 21, 2005
    United Kingdom
    Interesting wording in the NFO.

    Also since when do hackers use the word cyber anything?
     
  4. Snailface

    Snailface My frothing demand for 3ds homebrew is increasing

    Member
    4,324
    1,983
    Sep 20, 2010
    Engine Room with Cyan, watching him learn.
  5. Costello
    OP

    Costello Headmaster

    Administrator
    12,440
    5,770
    Oct 24, 2002

    hm, so Microsoft are saying it's a false alarm?
    besides I looked at the list given on Pastebin, it doesn't look legit at all
    I will edit the main post to reflect these doubts
     
  6. pwsincd

    pwsincd Garage Flower

    Member
    GBAtemp Patron
    pwsincd is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    3,366
    1,740
    Dec 4, 2011
    Manchester UK
    I thought that, he uses the phrase in his tweets also, just reminds me of the 90's when people used bandy the cybersex term a lot.

    Wonder if my old account is in that db, interesting.
     
  7. dgwillia

    dgwillia The Bacon Lover

    Member
    2,171
    215
    Mar 9, 2008
    United States
    Columbia Station, Ohio
    If this is legit, Microsoft is fucking retarded. If it isn't, Microsoft is just retarded
     
    air2004 likes this.
  8. Sop

    Sop groovy dude lmao

    Banned
    1,244
    207
    Nov 14, 2010
    qld
    Witness the /b/ tryhard in the NFO.
     
  9. EJames2100

    EJames2100 GBAtemp Fan

    Member
    494
    13
    May 9, 2008
    England
  10. T-hug

    T-hug Always like this.

    pip Chief Editor
    9,175
    4,535
    Oct 24, 2002
    England
    Can't find my old tag or my new one in the list and I've been on Live nearly 10 years.
     
    431unknown likes this.
  11. wolf-snake
    This message by wolf-snake has been removed from public view by p1ngpong, May 24, 2013, Reason: spam.
    May 24, 2013
  12. rehevkor

    rehevkor GBAtemp Fan

    Member
    453
    125
    Feb 21, 2011
    So.. after all the paranoia and the PSN hack and every other attack out there.. FagsoftMicrosoft would keep their passwords sat there in a giant text file?
     
    xwatchmanx likes this.
  13. chartube12

    chartube12 GBAtemp Psycho!

    Member
    3,206
    486
    Mar 3, 2010
    United States
    It's fake. I went through the list. each email is an yahoo and every email is on the list hundreds of multiple times
     
    xwatchmanx, Felipe_9595 and Maxternal like this.
  14. Ritsuki

    Ritsuki ORAORAORAORA

    Member
    1,370
    195
    Mar 15, 2008
    Switzerland
    Sometimes people really have time to waste... I'm a bit jealous...
     
  15. McHaggis

    McHaggis Fackin' Troller

    Member
    1,720
    940
    Oct 24, 2008
    I was highly sceptical at first, but now I just think this guy's retarded.

    A. As a company whose security policies are under constant scrutiny, Microsoft wouldn't be stupid enough to store passwords in plain text.
    B. I only looked at a small sample of the list, but the fact that more than half of the ones I looked at were duplicated at least twice and contained purely numeric passwords. That seems unlikely since none of the numbers I looked at were dates (ie date of significant importance to the account holder) or had any other kind of pattern one would normally associate with numeric passwords (credit card numbers, regular lottery numbers, etc). Those numbers were clearly generated by a random number generator.
    C. No passwords on that list contained characters outside of the latin range [0-9a-z], which is also unlikely given that the default input characters for an on-screen keyboard would normally be representative of the user's locale. There's also no passwords containing other special characters, like underscores or dashes (though those are understandably the minority for passwords entered using a non-touch based OSK).

    Just my thoughts.
     
    xwatchmanx, DCG and Rydian like this.
  16. Patxinco

    Patxinco Riding a Shooting Star

    Member
    673
    275
    Apr 18, 2011
    SUPER late April's Fool?

    We have better things to do to start bothering about this guy. At last me.
     
  17. lolzed

    lolzed The GBAtemp Pichu

    Member
    2,466
    13
    Sep 13, 2008
    There
    :creep:

    On a serious note, hope they don't store it in plain text, that's pretty stupid :s
     
  18. Black-Ice

    Black-Ice Founder of the Church of Renamon

    Member
    4,230
    9,092
    Oct 31, 2011
    London
    Noone who uses words like faggotry and brutally owned is competent enough to hack microsoft.
     
  19. Costello
    OP

    Costello Headmaster

    Administrator
    12,440
    5,770
    Oct 24, 2002
    did you check the big ass 6GB file ? or the small list posted on pastebin ?
    the list on pastebin doesnt look legit, but I haven't downloaded the 6GB dump, so I can't say
     
  20. Osha

    Osha Weh

    Member
    606
    331
    Jun 19, 2012
    France
    Fixed that one for you.
     
    MarkDarkness and DinohScene like this.
  21. DinohScene

    DinohScene Capture the Dino

    Member
    GBAtemp Patron
    DinohScene is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    16,240
    12,841
    Oct 11, 2011
    Antarctica
    В небо
    Pathetic if you ask me.

    I doubt that the XBL hack every took place.
    However, I won't say it's fake, since every online service can be hacked.
    It's just a matter of time.

    I agree on that.
    Also, Uzerneme and Pezzwerd?

    Sounds like a failed attempt at trolling to me.
     
    McHaggis likes this.