SEA hijacks Microsoft Twitter accounts, Xbox support blog and Technet

Filed Under: Featured, Microsoft, Security threats, Twitter, Vulnerability

SEA, Microsoft and Xbox logosIn another Microsoft security "erk!" moment, the infamous Syrian Electronic Army (SEA) over the weekend hijacked multiple Microsoft Twitter accounts, The Official Microsoft Blog at blogs.technet.com and an Xbox support account.

An SEA member called "Syrian Eagle" told Mashable in an email that this is just the beginning.

The beginning? Well, technically, it's more like Act 2, given that a few weeks ago, Microsoft's Skype brand had its Twitter, Facebook and WordPress accounts hacked by someone claiming to be the SEA.

Syrian Eagle told Mashable that Microsoft deserves what it got because it's hawking data to US snoops and multiple governments.

The SEA will publish proof of the allegations, Syrian Eagle said:

Microsoft is monitoring emails accounts and selling the data for the American intelligence and other governments.

And we will publish more details and documents that prove it.

Microsoft is not our enemy but what they are doing affected the SEA.

On Saturday, the pro-Assad group took over the @MSFTnews and @XboxSupport Twitter accounts and posted various messages hashtagged "SEA", according to Mashable.

One read: "Don’t use Microsoft emails (Hotmail, outlook), They are monitoring your accounts and selling the data to the governments."

The takeovers appear to have been brief: the messages are no longer live, and a Microsoft spokesperson sent this statement to The Register:

Microsoft is aware of targeted cyberattacks that temporarily affected the Xbox Support and Microsoft News Twitter accounts. The accounts were quickly reset and we can confirm that no customer information was compromised.

The attackers also Tweeted a screenshot of what appears to be a takeover of The Official Microsoft Blog at blogs.technet.com:

Screenshot of the Tweet from the SEA showing an image of their takeover of Microsoft's Technet blog

Microsoft didn't put out a statement about the alleged attack, but Mashable says its reporters saw it in action and confirmed that it lasted about an hour.

Mashable also posted a screenshot showing multiple "Syrian Army Was Here" messages on the defaced site. Others reported that the blog was either forcing a redirect to the SEA's site or displaying the defaced blog.

At any rate, the blog is now under the company's control.

Microsoft responded to the SEA charges about monitoring email by sending this statement to Mashable:

We’re actively investigating issues and are focused on protecting our employees and corporate network. Microsoft is sometimes obligated to comply with legal orders from governments around the world and provides customer data only in response to specific, targeted, legal demands.

, , , , , , ,

You might like

One Response to SEA hijacks Microsoft Twitter accounts, Xbox support blog and Technet

  1. Martín Alejandro Carmona Selva · 284 days ago

    Where's the Two way auth, Microsoft?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.