Syrian Electronic Army Hackers Hit Microsoft

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Members of the Syrian Electronic Army recently hijacked Microsoft's Twitter news account, Xbox support Twitter account, and official TechNet blog (h/t Graham Cluley).

The same hackers hit the Twitter, Facebook and WordPress accounts for Skype on January 1, 2014 -- in the recent attacks, they posted the same message they'd posted on January 1: "Don't use Microsoft emails (hotmail, outlook). They are monitoring your accounts and selling the data to the governments."

Soon after, the hackers tweeted a screenshot of an internal email sent by Microsoft's Steve Clayton that stated, "Sure you know but @Xbox and @MSFTNews twitter handles just got hacked - same as Skype last week. We were in the process of changing all passwords on @MSFTNews as it happened. Working with the teams now to address as it seems bitly is the backdoor that has been found."

E Hacking News reports that a member of the hacker group has confirmed that the accounts were compromised via a malicious e-mail sent to Microsoft employees.

As Graham Cluley notes, Microsoft Security had tweeted advice on how to avoid phishing attacks just 10 days ago -- clearly, the people who run the @XboxSupport and @MSFTnews accounts weren't paying attention.