Syrian Electronic Army Hackers Hit Microsoft


Members of the Syrian Electronic Army recently hijacked Microsoft's Twitter news account, Xbox support Twitter account, and official TechNet blog (h/t Graham Cluley).

The same hackers hit the Twitter, Facebook and WordPress accounts for Skype on January 1, 2014 -- in the recent attacks, they posted the same message they'd posted on January 1: "Don't use Microsoft emails (hotmail, outlook). They are monitoring your accounts and selling the data to the governments."

Soon after, the hackers tweeted a screenshot of an internal email sent by Microsoft's Steve Clayton that stated, "Sure you know but @Xbox and @MSFTNews twitter handles just got hacked - same as Skype last week. We were in the process of changing all passwords on @MSFTNews as it happened. Working with the teams now to address as it seems bitly is the backdoor that has been found."

E Hacking News reports that a member of the hacker group has confirmed that the accounts were compromised via a malicious e-mail sent to Microsoft employees.

As Graham Cluley notes, Microsoft Security had tweeted advice on how to avoid phishing attacks just 10 days ago -- clearly, the people who run the @XboxSupport and @MSFTnews accounts weren't paying attention.