Microsoft's YouTube channel has been hacked

Filed Under: Microsoft, Social networks

Hackers have taken control of Microsoft's official YouTube channel, removed the company's videos and replaced them with ones of their own.

Microsoft's hacked YouTube channel

Click here for a larger image of Microsoft's hacked YouTube channel.

At the time of writing, the hackers are still uploading new videos to the channel. The ones we have seen so far are typically three or four seconds in length, and typically call on other internet users to post video responses, create new background images for the channel or provide sponsorship.

Another brief video, entitled "Bingo", shows an animated character from what appears to be the "LA Noire" videogame by Rockstar Games, shooting another character in the head.

A message posted on the channel cryptically reads:

"I DID NOTHING WRONG I SIMPLY SIGNED INTO MY ACCOUNT THAT I MADE IN 2006 :/"

YouTubeIt seems unlikely that the change to the YouTube channel is a bizarre publicity stunt by Microsoft. After all, what would be the sense in deleting its archive of past videos - many of which are embedded on third-party sites around the world.

Although there are no details yet about how hackers managed to gain control of Microsoft's YouTube account, the obvious suspicion has to be that a Microsoft employee who had administrative rights over the channel was careless with their password.

One YouTube user, however, has left a comment on one of the videos describing his theory on how Microsoft's YouTube account was compromised:

This is how he "hacked" the channel:

He legittly made the account Microsoft when youtube wasn't that big but the REAL Microsoft probably asked Youtube to disable it and give it to them. The flaw is that this account was probably still linked to this kid's email and microsoft forgot to change it or whatever.

So all this kid had to do was recover this account using his old email.

Not that hard. Thats probably how the other big Channels got "hacked".

Thumbs this up so people can see!

If that's true, then it's a colossal foul-up by YouTube that may concern other well-known brands who have established presences on the video network.

Regardless of how the hack occurred, it's embarrassing and inconvenient for Microsoft.

The attack comes just a week after hackers broke into the Sesame Street YouTube channel, and replaced its child-friendly content with hardcore pornographic movies.

, ,

You might like

12 Responses to Microsoft's YouTube channel has been hacked

  1. Notice how they made the videos with iMovie from Mac OS.

  2. Anonymous · 1034 days ago

    Well, I'm going to say that.

    Probably someone created the account Microsoft before the officia Microsoft company use it as their channel.

    They probably left the account linked to the original user's email.

    The "hacker" then use password recovery to reset his password using his email and there he goes.

    Credits to Youtube user: wamasakky

  3. Jon Fukumoto · 1034 days ago

    Not a good thing. Even big companies like Microsoft should know better. Complex passwords consisting of upper and lower case letters along with symbols and numbers and a minimum length of 8 characters are the way to go. Whoever hacked in may have used brute force methods, or just simply used a dictionary attack.

  4. abadidea · 1034 days ago

    What the "cryptic" comment is trying to say is this, based on some remarks in the channel comments:

    1. Kid registers "Microsoft" account for the lulz when Youtube was still a fairly small site.

    2. He(?) doesn't really use it.

    3. It gets taken away from him and given to the real Microsoft.

    4. Years later he tries to reset the password w/ his email account and it works. Clearly a bug on Youtube's part if true.

    That's not really "hacking" in any criminal sense. He legitimately registered the account and used the standard account recovery mechanism, according to what these comments seem to be saying. Deleting all the videos was a dumb move on his part though. Should have stuck to just changing the wallpaper. MS could take that in good humor...

  5. Sandra · 1034 days ago

    Does this mean do not go to youtube until we hear from Sophos the coast is clear?

    • Nanci · 1034 days ago

      I'm wondering the same thing. My curiosity wants me to go take a look. Kind of like the "wet paint" sign. ;-)

  6. abadidea · 1034 days ago

    Ahhh, my comment-in-moderation got superseded by a post edit XD Now it will appear redundant, sorry about that :)

  7. Patryk · 1034 days ago

    holy crap, what next? Apple?

  8. I found it hard that Microsoft did not change the registered email.

  9. boredom · 1033 days ago

    How is this embarrassing for Microsoft? YouTube was hacked. It wasn't some custom page developed by Microsoft.

    It may not be a password issue.

    • Maybe it wasn't a password issue. But maybe it was.

      At the moment, as far as I have heard, nothing has been confirmed.

      If Microsoft staff were lax with their password security then that's pretty embarrassing.

  10. youtube profits · 729 days ago

    Heya i'm for the first time here. I came across this board and I in finding It truly useful & it helped me out a lot. I'm hoping to offer something back and help others like you aided me.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.