Saturday, February 21, 2009

Hackers target Xbox Live players

Halo 3 screenshot, Microsoft
Halo 3 players are a popular target for the Xbox attack

**BBC News**

Xbox Live is being targeted by malicious hackers selling services that kick players off the network.

The booting services are proving popular with players who want a way to get revenge on those who beat them in an Xbox Live game.

The attackers are employing data flooding tools that have been used against websites for many years.

Microsoft is "investigating" the use of the tools and said those caught using them would be banned from Xbox Live.

"There's been a definite increase in the amount of people talking about and distributing these things over the last three to four weeks," said Chris Boyd, director of malware research at Facetime Communications.

Attack tool

"The smart thing about these Xbox tools is that they do not attack the Xbox Live network itself," he said.

He said the tools work by exploiting the way that the Xbox Live network is set up. Game consoles connecting to the Xbox network send data via the net, and for that it needs an IP address.

Even better, said Mr Boyd, games played via Xbox Live are not hosted on private servers.

Dollars and wallet, Eyewire
The tools mean anyone with a few dollars can boot rivals off Xbox Live

"Instead," he said, "a lot of games on Xbox Live are hosted by players."

If hackers can discover the IP address of whoever is hosting a game they can employ many of the attacks that have been used for years against websites, said Mr Boyd.

One of the most popular for the Xbox Live specialists is the Denial of Service attack which floods an IP address with vast amounts of data.

The flood of data is generated by a group of hijacked home computers, a botnet, that have fallen under the control of a malicious hacking group.

When turned against a website this flood of traffic can overwhelm it or make it unresponsive to legitimate visitors.

When turned against an Xbox owner, it can mean they cannot connect to the Live network and effectively throws them out of the game.

"They get your IP address, put it in the booter tool and they attempt to flood the port that uses Xbox traffic," said Mr Boyd. "Flooding that port prevents any traffic getting out."

Skill set

The hard part, he said, was discovering a particular gamer's IP address but many malicious hackers had honed the skills needed to find them.

Some interconnect their PC and Xbox and use packet sniffing software to hunt through the traffic flowing in and out of the console for IP addresses.

Ethernet connector, Eyewire
The hackers target the way Xbox consoles connect to the net

Others simply use con tricks to get the target to reveal their net address.

The technical knowledge needed to hunt down IP addresses was quite high, said Mr Boyd, but many of those who had the skills were selling their expertise to those keen to hit back at their rivals on the Xbox Live network.

For $20 (£13) some Xbox Live hackers will remotely access a customer's PC and set up the whole system so it can be run any time they need it.

Some offer low rates to add compromised machines to a botnet and increase the amount of data flooding a particular IP address.

Defending against the attack could be tricky, said Mr Boyd: "There's no real easy solution to this one."

Although IP addresses regularly change, people could find it takes hours or days for their ISP to move them on to a new one.

In response to the rise in attacks, Microsoft said: "We are investigating reports involving the use of malicious software tools that an attacker could use to try and disrupt an Xbox LIVE player's internet connection."

It added: "This problem is not related to the Xbox Live service, but to the player's internet connection. The attacker could also attempt [to] disrupt other internet activities, such as streaming video or web browsing, using the same tools.

In its statement Microsoft warned: "This malicious activity violates the Xbox Live Terms of Use, and will result in a ban from Xbox Live and other appropriate action.

It urged anyone falling victim to such an attack to contact their ISP to report it and get help fixing it.

In January 2009 Microsoft announced that Xbox Live had more than 17m members.

Saturday, February 14, 2009

Xoopit Marries Facebook Status Updates With Gmail


Xoopit, a social networking email enhancement that allows users to locate files, images and videos in their inbox, has launched a new feature that lets Gmail users immediately see and set Facebook status messages and view profile photos of their Facebook friends while reading emails off a Gmail account.


Users can also quickly see other information such as birthdays and mobile phone numbers. After downloading the feature, a user can easily update their own status directly from a Gmail account using Facebook Connect. Xoopit’s new feature is pretty neat and gives users the ability to bounce between Facebook and Gmail accounts seamlessly. And Facebook’s status message feature is one that most users check most frequently, so its particularly useful to the average Facebook user.


The marriage of social networking and email is not a new concept. Yahoo and Google are both pretty open to incorporating social networking into their email applications, with Yahoo even potentially creating a social network around its email product (Yahoo mail has around 254 million users worldwide, Gmail has around 80 million users).


It doesn’t appear that the Xoopit-Facebook feature is available to Yahoo Mail users but the Yahoo and Xoopit may not be far away from developing a Gmail-like relationship with Yahoo, as we wrote about late last year.


The plug-in was a bit buggy when I downloaded it but I think its a nifty tool as a whole. It certainly saves me the time in switching back to Facebook to check status updates or update my own status. Now if only we could stream the news feed feature into Gmail.


Here’s another screenshot of the new feature:



Crunch Network: CrunchBase the free database of technology companies, people, and investors






View Original Article

Blogged with the Flock Browser

Microsoft: Bounty on Conficker worm creator

moneyMicrosoft has announced today that it is offering a reward of $250,000 to anyone who can provide information that can help arrest the creator of the Conficker worm. They stated that this worm is a criminal attack and that citizens from any country can receive the bounty.


Conficker, also known as Downandup, has infected millions of computers around the world since last year. It is difficult to stop because spreads through USB thumb drives or the internet and takes advantage of Windows machines that are missing newer security patches. Once it infects a computer, it can halt automatic updates and security scans, block access to security-related websites and even lock users out of their accounts.


Microsoft has experience with fighting large virus outbreaks like this. Back in 2004, they offered $250,000 for information about the Sasser worm. They later paid out the reward in 2005. They said that this time they are teaming up with security companies, and internet companies like AOL to stop the outbreak. Better late than never, I guess.

View Original Article

Blogged with the Flock Browser