A repeatedly banned Xbox Live user took his revenge by allegedly hacking the account and website of the service’s head of policy enforcement.
If you’ve never heard of Stephen Toulouse, that’s probably a good thing. It means you’re likely not the type of Xbox Live user that hacks, cheats, or spews negative epithets at a gatling’s pace, because Toulouse is the director of Xbox Live policy and enforcement (i.e. he wields the banhammer). The position earns him plenty of ire, as evidenced by the case of a banned Xbox Live user recently hacking his website and Xbox Live account.
The user, who goes by “Predator,” evidently used social engineering to gain access to both. On April 3, Toulouse tweeted: “Sigh. please be warned. Network solutions has apparently transferred control of Stepto.com to an attacker [via social engineering] and will not let me recover it.” He requested that no one send any emails, as they’d only be going to someone else.
Social engineering refers to a technique used to acquire information through personal manipulation. One example is calling tech support and convincing the rep that you’re someone else to get them to restore or change a password.
A video also showed up on YouTube with Predator alleging that he used the same method to acquire access to Toulouse’s Xbox Live account. Toulouse seemed less concerned about the account hack, tweeting: “That stuff is easily stopped/fixed. I have a team for that.”
In the video, Predator says that he was getting revenge for not 1, not 2, but 35 Xbox Live bans at the console level. A console can be banned for unapproved internal modifications, online fraud (such as social engineering), or repeated smaller violations, and Microsoft says that each comes only after a lengthy investigation.
As of April 4, Toulouse revealed that he had control of his website again. Predator said that he may not hack into an account again, as Toulouse was a significant target. After 35 bans, chances are he’ll just find some other way to continue his mischief.
Source: Ripten
