$1.2 Million In Microsoft Points Stolen Using A Simple Algorithm (update)
Microsoft Points for Xbox Live don’t come cheap. They can be used to purchase a variety of goods on the network, including avatar upgrades, expansion packs, movies and more. So were not too surprised to see that a group of hackers cracked MS’s algorithm that assigns a set of numbers for redemption of their points.
Apparently the hackers figured out how to modify a used code into a new code and thus redeem free Microsoft Points. The hack went undetected to the tune of $1.2 million.
It’s not clear if MS will take action against those that utilized the hack, but our guess is yes, they will. In theory they have a database of codes that have been purchased and can be matched or “keyed” against a real working credit card. In this case these codes wouldn’t have a purchase or credit card associated with them. Lastly, all they need to do is is lookup all the codes redeemed during this time frame and match them against a credit card database. Any codes that weren’t paid for with a legit credit card would be flagged and ultimately cancelled.
Keep in mind that this is legit money, though if $1.2 million was spent a percent of that is only given to the developers of the content, so that’s not the actual amount lost on Microsoft’s behalf, though it is money not earned. However, getting all the money back will be near to impossible, especially if the points were used to watch a movie or for something that has a one time use. If MS dared they could take back avatars and other downloadable content, though it’s questionable if this feature is built into the Xbox Live marketplace.
Update: However, if someone were to buy the Microsoft points through a third party it could make tracking them down very challenging. But nonetheless Microsoft should be able to track the initial distribution of the physical point cards.