There’s been considerable chatter on the web recently regarding Xbox 360 accounts being compromised and – amongst other things – being used to buy FIFA DLC. Threads like this one on NeoGAF are full of discussion and case studies on the topic.
Whilst there’s no 100% fool-proof analysis on what’s happening, it appears that hackers are getting access to the accounts, changing passwords (and secret questions, etc) and then spending money on either your existing Microsoft Points or, worse, charging your card.
Microsoft, however, are denying any link between the 360 and EA’s FIFA 11/12, which some are suggesting is absolutely the key – with reports going back at least as far as last month and blogs much further.
That blog link in particular has lots of comments from people suffering from the same issues.
“It’s not a hack, it’s really just a different way to monetise stolen accounts,” said Microsoft’s online safety director Doug Park to Eurogamer. “What they’re really doing is trying to make money off those compromises. So FIFA is a very popular title,” he continues, “it’s just a new way for the bad guys to make money.”
“Based on our investigation, we didn’t see anything new. It was just a different avenue.”
Park seems to think it’s a phishing scam and nothing more, but commentors on the topic that have fallen prey to the attacks (and had to have their 360 account locked out by Microsoft for a good number of days) would disagree.
We’ll continue to monitor the reports.