Research shows hackers can pull credit card info from Xbox 360

March 31, 2012

Research shows hackers can pull credit card info from Xbox 360 An interesting report surfaced earlier this week claiming that hackers can pull credit card information off your old Xbox 360 hard drive. This news came as a bit of a shock as it claims that even formatting your hard drive will not entirely wipe the data off the storage device.

As reported by Kotaku, an ongoing study at Drexel University lead by researcher Ashley Podhardsky has revealed that credit card data can be retrieved off old Xbox 360 hard drives. Podharadsky revealed that Microsoft does a good job at projecting its own proprietary information on the console, but doesn’t take steps to protect user data such as credit card information.

As part of the research study, the group obtained a used Xbox 360 hard drive from a retailer and installed some hacking tools. The group was easily able to retrieve some files with credit card information.

Jim Alkove, GM at Microsoft security responded to Joystiq, stating that they are conducting their own investigation into the matter. According to Alkove, the Xbox 360 is not designed to store credit card data locally on the console. However, things are not usually as straight forward in cases where data is kept in memory before transmitting to a server.

For most, this should not be a major concern unless you have traded in your old Xbox 360 at Gamestop. It seems like the recommended course of action is to keep a scorched earth policy for now with your old hard drives until things are sorted out on Microsoft’s end.

31 Responses to “Research shows hackers can pull credit card info from Xbox 360”

  1. me_:

    You wouldn’t have to go to that much effort for the PS3. After PSN go hacked 77 million PS3 users credit card details are public knowledge.

  2. Mike Ferro:

    @me_

    lol, good April fools joke.. I remember last year when many media outlets were misreporting the exact same thing about 77 million credit card info was leaked(http://tiny.cc/e6b3bw). I think we all know now that was all bullocks as its yet to have surfaced anywhere.
    People seem to conveniently just ignore the part about no “evidence found” to indicate hackers were able to get into CC database table.

    To be fair –
    I think I would be more concerned if I found my Xbox CC info on a Swedish blackmarket site like Susan Taylor did with thousands of others (http://tiny.cc/9ac3bw).

  3. dans303:

    Assassin’s Creed announced for Kinect. ;)

    http://www.youtube.com/watch?v=7NufHsmITjM&fb_source=message

  4. Roca.:

    me_
    do your research next time…don’t make a fool out of yourself.

  5. Roca.:

    LMAO @ dans303

  6. Roca.:

    Sony’s newest ultrabook
    http://www.youtube.com/watch?v=-fTc5j9BFIw&feature=youtu.be

  7. me_:

    “I think I would be more concerned if I found my Xbox CC info on a Swedish blackmarket site like Susan Taylor did with thousands of others”

    Was Susan Taylor a real person or was that just an internet hoax? Stretching “evidence” to extend to unsubstantiated internet rumours is a little bit much.

  8. greenLanternfan:

    Not really surprised to be honest. It’s always easier to hack into the 360 and other MS products.

  9. Philistine:

    PS3 fanboy face the FACTS

    PS3 is now way easier to hack than an xbox.
    All you need to buy is a USB dongle, and you get to boot up in a hacked OS

    an xbox needs to be torn apart, have encrypted data ripped from the CDrom, and interface unit soldered into place to emulate CD responses, and firmware re-flashed to the CDrom (if old enough as new models are locked) (All very difficult and risky if your not a PC wiz kid).

    Face the fact fanboys.
    the xbox, is not easy to hack, that utter bullshit pisses me right off.
    hackers have gone to extreme lengths to hack both systems, and regardless of how good the systems are they will be hacked, that’s what hackers do, and they’re very good at it.

    if you truly believe an xbox is any less secure than any other device with your data on it then you’re a twat.

    Sony got off easy for the first couple of years, because they were hacker friendly to some degree, allowing users to have second OS kept the hackers happy. As soon as Sony clamped down, it got hacked, now it’s wide open despite what Sony claims.

    If you like I can post a like to a USB device that will allow even a retard to hack there PS3, then you can unplug it and go back to using your PS3 legitimately. Try doing that with an xbox!

    So stop with the xbox is so hackable bullshit please. PS3 fanboys are in a very fragile glass house with this one.

    As for the xbox account’s being sold, This has already been found to be hacking by proxy. people using the same email/password combos on multiple systems. MS xbox live has not been hacked. That has been proven.

    what is bad here, is that MS are not responding to it way faster, because they should know, following a call from the original account owner reporting account theft.
    when the account has been migrated to another console in another country that it’s been stolen. these consoles should be traced to there location,bricked the second they go on-line, and the local authorities informed.

  10. FahKinSuPah:

    “Face the fact fanboys.
    the xbox, is not easy to hack, that utter bullshit pisses me right off.”

    Which is total BS cause I know how to hack Xbox systems, and it is a pretty damn easy system to hack.

    I can hack a PhatBox in under 30 minutes.

    My own Xbox isnt hacked though. Just saying.

  11. phranctoast:

    who cares what’s easier now godless.

    You’re overly defensive over shortcoming about MS. Quite telling.

    XBOX was hacked first. Years first. Whether or not it’s easier to use a exploit developed by others is redundant.

    This latest problem isn’t good to say the least, and like Mike mentioned, it represents another proven shortcoming with MS when your money is supposed to be safe.

  12. Roca.:

    “You’re overly defensive over shortcoming about MS. Quite telling”

    lol…poor fanboy.
    Godless needed to write a wall-of-text to try to convince everyone the 360 is harder to hack – when in fact, it’s not.

    Ivan sent me a link about how to hack the Slim 360 in 10-15 mins…while still be able to game online. I didn’t bother because there’s nothing to play on the 360.

    But as Phranc said, who cares. The fact is the 360 keeps getting hacked & hackers keeps getting access to user’s private info…including credit cards.

  13. Philistine:

    LOL @ overly defensive

    Look Mike as usual chooses to use a headline that is completely flame bait.

    It could as easy read
    “Research shows hackers can pull credit card info from any device you have entered the info on”

    which is true.

    I will grantee you, that if you gave your formatted PS3 HD to a hacker, he could supply you a browse history of every perverted website you ever visited, any text you sent, and picture you looked at any movies you watched,and the games you played.

    This is what hackers do, why pick out the 360 when this clearly applies to any device on the planet with a hard-drive.

    Fahk
    “Which is total BS cause I know how to hack Xbox systems, and it is a pretty damn easy system to hack.”

    Get a grip, I’ve seen the details on how it’s done, and it’s far from easy.
    how many people can firstly rip the firmware from xbox CD rom, then apply the cracked version, using the right software for the job, because no one has been able to write a script that will do more than one revision of the CD rom BIOS because MS has made it so difficult to do so.

    Stop bullshitting to try and make it sound like the 360 is an easy hack, even the hackers will tell you there is no “easy” hack for the 360.

    Roco
    15 minute hack for 360 slim. .lMFAO. .I don’t think so. I smell more bullshit

  14. phranctoast:

    “It could as easy read
    “Research shows hackers can pull credit card info from any device you have entered the info on””

    This was current news. Mike is not making up headlines here. I believe this was on Kotaku first.

    “This is what hackers do, why pick out the 360 when this clearly applies to any device on the planet with a hard-drive.”

    ummm Current news. Why pick on the PSN for being hacked when many companies are hacked. It probably has something to do with game console news….

  15. Roca.:

    “15 minute hack for 360 slim. .lMFAO. .I don’t think so. I smell more bullshit”

    Then you’re smelling your own bullshit. You don’t have a hacked 360 so I wouldn’t expect you to know shit about it. On the other hand, Ivan (he’s on my PSN friend list) has both the 360 Slim and the PS3 hacked and he can’t update or access PSN features with his hacked PS3….and yet he’s able to run pirated 360 games and still play online and access XBL features. it took him 15 mins.

    This is what Ivan said (without the commas and periods lol) when I asked him whether I would still be able to play online if I hacked my 360 Slim:

    “Yes u gotta patch the game with the abgx I sent you, but 99.9 percent of games from filesharing n torrentz are patched. That software tells u if the game is stealth…but yes u can do everything online”

  16. Philistine:

    Roca

    I’m assuming Ivan has his xbox JTAG fixed.

    Now this I know for a fact takes the best part of an hour for a guy who knows what he is doing and has the necessary hardware, PC and software to hand.

    Roca

    this guy has a detailed answer to what can/cant be done with a hacked xbox

    none of it is easy or for anyone who isn’t pretty comfortable with ripping, modding then flashing firmware.

    PS the game patches are only as good as the latest Live update, odds are high you end up banned, with a good chance you end up banned the first time you log in to Live

    http://answers.yahoo.com/question/index?qid=20120214173106AApY2dA

  17. phranctoast:

    I’m still confused by the declaration of 360′s in the used market. They usually don’t last long enough to make it there.

  18. Philistine:

    yeah
    whatever Phranc, that’s why the 360 still sells as many, if not more games than the PS3s?.

    without bullshitting, how would you explain this fact?

  19. Roca.:

    LMAO @ Godless’ Google reply.
    Don’t waste my time.

    Nope, he didn’t JTag his 360…which is one of the reason he has full access to XBL.

  20. phranctoast:

    “without bullshitting, how would you explain this fact?”

    Fact of the matter is that MS has never produced unit sales for software.

  21. phranctoast:

    Without bullshitting. Who here would buy a 360 used?

  22. Philistine:

    Roca
    “Nope, he didn’t JTag his 360…which is one of the reason he has full access to XBL.”

    I’ve tried to find info on a hack that allows full access to XBL and so far as I can see there isn’t one.

    I’m going to check with my mate tonight to see if there is such a thing.

  23. ncaissie:

    I have hacked enough Xbox 1s in my time. Probably 20 or more.
    I haven’t touched the 360. It’s not worth hacking now days. The ps3 has to be on an old fw and good luck finding one with an old fw.
    Next gen I will get back into hacking if they keep up the bs about used games and such.

  24. Roca.:

    Godless – “I’m going to check with my mate tonight to see if there is such a thing”

    why you worry so about it is beyond me…don’t stress yourself out defending the 360, the system was hack hours after it was release, so was the Slim…and hackers have full access to XBL.

    Phranc – “Without bullshitting. Who here would buy a 360 used?”

    no one…we don’t even buy’em *new* ;)

  25. Roca.:

    Free Escape Plan prequel DLC tomorrow…

    Here is a screenshot of my stats
    http://farm7.staticflickr.com/6239/7025343111_613bfecffb_z.jpg

    It took me over 12 hours to complete the game 100% but my 1st playthrough was only 8 hours long.

  26. FahKinSuPah:

    Godless is just an idiot.

    If Ivan can hack an Xbox 360 it has to be easy :D

    Hacking an Xbox 360 is easy, but it requires a much bigger investment than just hacking it.

    You have to stay on top of the all the software updates that MS applies, as well as the games then it becomes a chore.

    Otherwise the initial hacking requires littles to no investment and is easy to do.

  27. oldschool1987:

    Lol at me’s opening comment of lies. I would like a link of people who claimed they were in fact robbed. No one reported money missing.

    Same cant be said about the 360 users.

  28. ncaissie:

    But that’s just because ps3 users are to stupid to report it.
    Has to be.

  29. Roca.:

    @FahKin
    Ivan told me “for the new slim like 20 to 25 minutes for the old models like 10 minutes” while Godless says hacking a 360 is very difficult and will take longer than an hour…

  30. greenLanternfan:

    @Godless

    Hackers already mentioned that the ps3 can be hacked, but it’s more complicated, different architecture, and have a higher security. FACT

    The PS3 has a different architecture than what the 360 has, that’s why it took hackers a bit longer with the ps3. FACT

    Why don’t you take off your fanboy goggles off and look at the reality.

    MS banned over a million users on xbox live from hacked consoles. And yet I have friends that plays xbox live for free, just soft modding the console.

    If you have a custom firmware update on the ps3, you don’t have any access to the PSN. The only way around this is that you have to get the regular update, which your ps3 is no longer have a CFW.

    Do you even know why there’s so many viruses on Windows OS? It’s certainly not just because ppl like to hack, but for the fact that people hate Microsoft. Many top level viruses comes from companies, not just hackers from homes.

  31. Rhino:

    I fucking love this site.

Leave a Reply:

You must be logged in to post a comment. Don't have an account? Register today!




Recent stories

Latest game reviews

RSS Technology news

  • An error has occurred, which probably means the feed is down. Try again later.

RSS Windows news

RSS Mac news

RSS Iphone & Touch

RSS Mobile technology news

RSS Green tech

RSS Buying guides

RSS Photography news

Login

About GAMER.BLORGE

Archives

Copyright © 2014 Blorge.com NS