It seems that this problem is turning into a growing epidemic, and the source of the problem may be stemming from Xbox.com. It could even happen to YOU. Yes, YOU.

Honestly, as bad as it sounds, I HOPE more accounts keep getting stolen so there can be more of a raging outcry from LIVE members to get this issue resolved.

Microsoft just assumed that the "Region Change" feature would not be used very often, so that is making it much harder to recover stolen accounts that were Region Swapped, like mine.
"The original goal...was that [changing regions] wouldn't be used very often," says Toulouse. Those who do it frequently, deliberately or otherwise, have to pay the price."

I'm now on day 60 of waiting for them to get their collective head's out of their asses. (40 days after normal UA Investigations get resolved.)
I will be calling pretty soon for an update (or lack there of). I'm able to sign on to my account while it's supposed to still be suspended. I hope they didn't ruin it any further for me.

I honestly don't give a SHIT about the 3,000 M$ points that were stolen from me.
All I care about is my 4 year accumulation of 49,700 GAMERSCORE and my hundreds/thousands of dollars of DLC.
They can keep my facking M$ points for all I care.

Sorry that has happened to you Blunt.


I am no way what one could consider to be a hacker. I understand the process, but have 0 skills in this area.


For the XBL stuff there's a couple of things you should know to better protect yourself.

How many folks here use the same password for XBL as they do for this site? How many folks here use the same password for XBL as they do another forum? How many different forums do you belong to? How many different social networking sites do you belong to? How many different email accounts do you have?


Thin about that info for a second. While you do that we'll follow this scenario.

Here with the DSA you've had to use an email to sign up with. You've also created a password. Most of you have also linked your XBL gamertag to your account. Most of us have also shared our Facebook, Google+, or Twitter account info.


So with this one site, darksidealliance.com, here is what I potentially have access to.

Your real name, city your live in, city you were born in, parent's names, your personal email, and the password you have used for this site.

So let's say you used a live.com, msn.com, or hotmail.com email address to sign up here. Chances are pretty good that's also your XBL email too.

Now if I'm really lucky you've used the same password and bam I have access to your account.

If I'm not lucky, I can use your personal info that you share to maybe have your password reset. Your favorite book, mother's maiden name, city you were born in, ect... .

So that's one method to finding out your password and it's more or less called social hacking because you're not using any sort of code to hack an exploit. What you are doing is using common info that people share to game the system.


Now not to worry Ratix has everyone's passwords hidden, even from himself.


But think about this you've joined one forum based website and there's access to all that information. How many other forums have you joined? How many of those sites have you used the same password or shared the same information?


Now in Blunt's case he also streams his game play on Justin.tv. How many people will have access to his gamertag info through that site? Now if they were to google "DSA Blunt" what sort of info would they be able to find?

I know it's seems stupid, but this is how a lot of info is found out.

Here on our site look at all the info we have access to. Now think to all the other sites you've joined and all the info you've shared through social media sites. Even if I could just guess one person's email and password a day and sell that for a few hundred that still $300x5days=$1500 a week x 52 weeks = $78,000per year. That's why folks join countless websites and just gather info that way.


That's just one main way to gather someone's info.


The other is something called brute force. That is where I use a little of the social hacking to get your email address and use a script to run through the passwords. Usually it's a script that runs through a dictionary. It'll start with A and run through Z. If I know the website makes you use 6 letters or more I'll tell my script to use only those words. This is why having things like symbols and numbers in your password is important.

A lot of the scripts you can purchase online along with the text file of a dictionary. In some ways it's easier to do then social hacking and in some ways it isn't. A hacker that does this may steal a list of emails, hack the passwords and then sell them online to whoever wants them. So sometimes you don't even need to do anything yourself other then test them in XBL to see if they have XBL accounts.


I hope this helps explain things too you.

I would suggest most folks have some sort of symbol and number combination for their password. I would also use different passwords for different things. Your password that you sign on to your bank with should be different than the one you sign up here with. It should also be different than the one you use for your email. Which should be different than the one you use for your social networking sites.


Just think about the different sites you are signed up to. How many of those use the same passwords. If any of those sites use the same passwords are your XBL or even PSN accounts. Most folks usually don't think about that sort of a thing.

In hindsight, I probably could have made my password a little more complicated.
But hindsight doesn't matter now.

What really bothers me is that however simple my password may have been,
I have been playing on LIVE for nearly 4 years without a single problem until now. Most of you who know me, know that I have raped many-a-n00bs in those 4 years. And I haven't streamed any games on Justin.tv since before Gears 3 came out in September.

I think I'm just part of this small group of unlucky folks who are getting their accounts stolen. My password being simple was a problem, but I don't think it was a personal attack on me for something that I may have done to someone else.

I highly doubt it was any sort of a personal attack. Most of my post was to show folks how easy it is delude yourself into thinking you're safe online.

With you Blunt chances are you gamed with, posted somewhere or accepted a friend that turned out to be bad. It doesn't take much to write down a gamertag and google it to see what you come up with. That's just it, if it was someone you gamed with/against just think about the thousands of people you've met through XBL and out of that one person happened to be bad.

I hope things get sorted for you Blunt and I hope it happens soon!