Syrian Electronic Army threatens more cyber attacks on Microsoft

The hacker group known as the Syrian Electronic Army claims in a new post on its Twitter account that it "didn't finish our attack" on Microsoft. The group has claimed responsibly for briefly taking over control of the official Skype, Twitter, Facebook and blog on New Year's Day. Last weekend, the SEA also said it hacked into the official Microsoft News Twitter and blog, along with the Xbox Support Twitter and Instagram accounts.

The new message comes at the same time as a new statement from Microsoft, which admits that an unknown amount of its company email accounts were hacked into by the SEA. According to The Verge, a Microsoft spokesperson stated, "A social engineering cyberattack method known as phishing resulted in a small number of Microsoft employee social media and email accounts being impacted. These accounts were reset and no customer information was compromised."

It's more than likely that the SEA will try once again to compromise some of Microsoft's online accounts and activities in the very near future. Indeed, in an email statement to The Verge, the group said, "We are making some distraction for Microsoft employees so we can success in our main mission." Microsoft has not indicated how it plans to prepare for any new rounds of cyber attacks from this group.

Source: SEA on Twitter and The Verge

Report a problem with article
Previous Story

Report: Valve's Steam Controller won't have a touchscreen after all

Next Story

Microsoft's BUILD conference is sold out, Windows 9 highly anticipated

24 Comments

Commenting is disabled on this article.

That's just plain stupid by the SEA to go after the company with the deepest pocket and a dedicated army of hackers that do exactly what the SEA does (only legally). That's a sure way to get caught. Any hacker knows that to be successful, you never warn your target that you will hack them. I see this as a smokescreen for some other intended target, but Microsoft? yeah, they just signed their own death warrant

These guys promoted chrome under claims of ms data collection in IE. Credibility out. Are these guys really nothing more than a botnet group that was taken out by MSFT? Why aren't they after google also, the biggest data collector and seller of personal data the world knows off?

-adrian- said,
That they can

they could prove it by putting they guns in their ****ing asses. millions of kids and women are dying everyday and they are busy sniffing in some twitter account to put some bull**** . these people are ****ing morons

Im looking at all these morons posting about passwords..... You really think that's going to stop anything... There is always a back door to everything.. Your NEVER safe on the internet.

Meh...

So in reality, they're launching attacks against Twitter, Instagram, and facebook, since I've yet to see them launch a real attack on Microsoft owned properties.

Wapoz said,
So in reality, they're launching attacks against Twitter, Instagram, and facebook, since I've yet to see them launch a real attack on Microsoft owned properties.
If it was a phishing attack I have no doubt someone on their team for those social networks was provided a legitimate looking e-mail with a link. Then, attempted to login to twitter (etc) with their proper creds on a website looking much like twitter. They then, more than likely, to remain covert, logged them into and tossed them into twitter... etc.

Wait a little bit, log in, and go to down. It's no different than bank phishing e-mails making it look like the banks website with a login form where they grab your e-mail. Hell they even fake security questions etc. to get those too.

So, it's not an attack on twitter, instagram, facebook. It's an attack against someone who's not paying attention to their address bar.

Just goes to prove no company is 100 percent secure. Anyone can be hacked. All you can do is learn from what happened and then take steps to prevent it.

I know not everyone is IT savvy, but you'd think that employees of such a large tech company would understand basic password security?

Oh well, good luck to the "Electronic Army" and their next twitter post to show
their "hacking" skillz.

edit: Whoops, didn't mean to reply to your comment sorry!

Edited by Brendeth, Jan 16 2014, 12:09am :

Brendeth said,
I know not everyone is IT savvy, but you'd think that employees of such a large tech company would understand basic password security?.

Most understand it...just lots get lazy.

Well to my knowledge we're only talking about Twitter and Facebook accounts, not something critical. The people managing these accounts probably aren't security focused.

If you read the post neowin stated they phished the passwords. meaning they got the employees to type out the passwords on a real looking website. The password wouldn't have mattered.

majortom1981 said,
If you read the post neowin stated they phished the passwords. meaning they got the employees to type out the passwords on a real looking website. The password wouldn't have mattered.

Indeed we get fake email's all the at work trying to phish our account passwords for twitter. Thankfully a lot more services are enabling two factor authentication.

techbeck said,
Just goes to prove no company is 100 percent secure. Anyone can be hacked. All you can do is learn from what happened and then take steps to prevent it.

Twitter / Instagram are not Microsoft's properties. The best they can do is change the account passwords.

Actually, the best they could do is quit using that garbage.

If Microsoft had access to their computers as the SEA claim, then couldn't Microsoft remote deactivate all of SEA's computers? Of if they are that closely related to the NSA, I am sure Ballmer could make a call and it would be no problem for a SEAL team to show up on the SEA doorstep.

No the password is still developersdevelopersdevelopersdevelopersdevelopersdevelopersdevelopersdevelopersdevelopersdevelopersdevelopers. There's so many digits it's totally secure.