Microsoft did not take lessons, Causing Microsoft’s Blog being hacked after Xbox & Microsoft news social media Account hack By Syrian Electronic Army.

2

After the series of Attacks over Microsoft Product’s Official Social Media Accounts, Including Microsoft’s Xbox Twitter and Instagram Account hijacking, followed by Microsoft News Twitter Account being hijacked and of course early this year the hack of Microsoft’s Skype twitter and blog Account it seems like Microsoft Security team did not take any lessons from the attack, and was not worried of the security. 

While the conversation between the Microsoft employees through emails looked like they were bit worried of the ongoing attacks, but that was not enough because these conversations which should have been private, was made Public by Syrian Electronic Army.  The SEA seemed to be able to monitor their email conversation and was one step ahead of them, it looked like Syrian Electronic Army played like Secret service Agents and spied over the mails of Microsoft’s employs who were affected in the attack.

Yesterday’s story did not end up with the Microsoft News Twitter account being hijacked, for that seemed like a trailer in view of what SEA  has planned for Microsoft.  Just after 3 hours of attack over the Microsoft news twitter account, they hacked into Official Microsoft blog 

Screenshots showing how the Microsoft blog looked like after the hack

The Syrian Electronic Army onslaught on Microsoft continued through the day with it was having some other plans too, and this did not ended the miseries of the Security professionals at Microsoft blog, the blog was redirected to Official website of Syrian Electronic Army.

Now the The Official Microsoft Blog Redirecting to #SEA website: http://t.co/yhFfqJZYRp #SyrianElectronicArmy
— SyrianElectronicArmy (@Official_SEA16) January 12, 2014

To make the matters worse, it was not only that SEA tweeted it, but it was confirmed by several other peoples too, that the blog was redirecting to SEA’s website.

While the hack was being carried out, SEA also continuously monitored email conversations between the Microsoft staff

Two of the tweets from SEA one after another shows the email conversation between the staffs,


What @Microsoft staff are doing now. #SEA pic.twitter.com/nAij4vyFeu
— SyrianElectronicArmy (@Official_SEA16) January 12, 2014

What @Microsoft staff are doing – Part 2 #SEA pic.twitter.com/H7sV91VvJW
— SyrianElectronicArmy (@Official_SEA16) January 12, 2014

While the Microsoft blog was hacked and with few Articles being posted by SEA, the hack also effected the Microsoft official website, The news section on the website which is designed to show the news feeds from Blog page, was showing feeds of the Article written by SEA.

Screenshot showing how Official Microsoft website looked like after the attack

The series of hack carried by SEA, arise many questions on how the Attack were being carried out, with some of the experts believing it to be a phishing attack, with few other believing major private exploits used by SEA for such attacks.

But it looks like The Security team is left with no choices when they are hacked. Since it looks like Microsoft team is not taking the security seriously, it is possible that they may suffer another breach in coming days.

For more details over the hack, we have already contacted SEA team, we will update you as soon as we get a response.

About Author

Founder and Editor-in-Chief of 'Techworm'. Cyber Security Analyst, Information Security Researcher, And Social Media Promoter.

2 Comments

  1. Well if the NSA can use (zero-day)exploits, the SEA and others can also. As long as microsoft ignores these vulnerabilities for NSA sake then they get what they deserve.

Leave A Reply