On Sunday night, Eric Graff put his son to bed. He flipped on his 360 and got ready for a session of Borderlands 2 with some friends. But when he tried to log onto his Xbox Live account, the password wouldn't work. His account had been hacked.
And then Graff did something usually reserved for daydreams and bad romantic comedies: he tracked down the hacker and found him/her on an Internet forum, trying to pawn off Graff's account for $110.
Graff, who has used Microsoft's online service since it was first introduced almost a decade ago, has seen his accounts hacked before: last year, he lost an account named Fiend in a similar situation. So when Fiend II wouldn't work Sunday, Graff had some nasty immediate thoughts: "Shit! Did this really happen again?"
"First thing I did was call my 1800-4MY-XBOX customer support line to report this," Graff told me in an e-mail. "I knew that this process usually took days and was not looking forward to that. I thought maybe since I had noticed this only an hour or so after it happened (had checked my email not long before and it had worked) that maybe they could help me a bit easier. NOPE. Same ole same ole report email being sent to the Unauthorized Access department, might get to hear something in a few days. That was deflating, but not unexpected since I had been through this process before."
So Monday, he got up and started searching the Internet for stories of Xbox hackings. Some googling led him to a Kotaku article about how scammers steal accounts (and what victims can do to protect themselves). He read about Forum Korner, a black-market website where people buy and sell other people's account information.
"I couldn't believe that a site like that could operate out in the open like that, it just blew my mind," Graff said. "Anyway, my brain just kind of filed that away and I gave up searching."
Later, he logged onto Xbox Live using a different account to look for Fiend II and see if anyone was using it. Someone was. The location and name had been changed—the location now said "FK" and the name said "Forum Korner."
"That is when something in my brain clicked," Graff said. "Now this was hours after I had read that article so it didn't really click at first, but eventually I said to myself 'that name sounds familiar, where have I heard that before?'"
Then it hit him: ForumKorner.com. He immediately went to the website and entered FIEND in the search bar. This thread came up:
Legit 10 Year Tenure! PROOF
Selling legit 10 year Tenure account. You can add me as a friend as well. Current Bid: $110
"My jaw dropped," Graff said. "I could not believe what I was seeing. Honestly I could not believe that I actually FOUND the person that stole my XBL account and was selling it on a website! That has to be a one in a million shot right?"
Graff was virtual face to virtual face with the person who had hacked him, someone going by the handle InsaneYo. Scrolling through the forum thread in rage, Graff found that people were very, very interested in buying his account.
"oh wow, that is a sexy account..." one poster wrote.
"Jesus, wish I had my money right now," said another.
So Graff made an account on ForumKorner, calling himself You Are Busted and fingering the culprit:
Hey asshole. I found you. This is my gamertag that you stole last night. You are busted BITCH!
I now have screen shots of all 4 pages of this thread and you are all going down.
I have Microsoft looking at this page right now and everyone is IP logged. Sucks for you guys.
You fucked with the wrong guy!!!
Some people believed him. Others didn't. He continued posting on the forum:
Thanks. Fiend II isn't my original account. I was actually an XBOX LIVE! beta tester and my original GT was just Fiend. Too bad some other dipshit stole that one last year. They probably sold that one on this site too. I have many friends that work for Microsoft, so this guy is soooo busted. I think he might have just changed the GT, but I have screen shots of everything so he can do whatever he wants.
Hear that knock at your door yet son??
InsaneYo wrote back:
If you have SO many friends working at Microsoft why haven't you got your original tag back? Kid just leave this site.
Graff:
So how did you steal it, just curious?
InsaneYo:
C'mon Eric, I thought you and your MS buddies would have known by now.
I work for Xbawkz and I dun hecked ur account.
This went on for a little while, and InsaneYo eventually admitted to stealing Graff's info. "It only took me about 5 minutes to take this," the hacker wrote. "Wasn't really hoping to sell this anyways as I know I wouldn't have had it for long, I just did it for the lulz."
Eventually a ForumKorner moderator closed the thread and banned InsaneYo from the forum. Graff says a moderator also sent him a private message saying "Don't tell Microsoft please."
"Yea buddy, I'll keep your secret safe," Graff snarked later in an e-mail to me.
But Graff still hasn't gotten his account back, even after furiously calling and e-mailing Microsoft representatives several times to share his story. He says he has no ill will for the Xbox makers; he just wishes their security process was more transparent.
"Sure this whole experience has sucked, Graff said, "but I hope that sharing this story will make more people and Microsoft aware of all the stuff that is going on at ForumKorner and other sites like it and get it shut down."
Update: Microsoft sent us a statement this afternoon:
We are committed to addressing and persistently resolving our customers' individual and collective concerns in a timely manner. Security is an ongoing battle and we are working every day to bring new forms of protection to Xbox Live. We look out for sites like this, work with local law enforcement, and shut them down where we can. Engaging in identity theft, trading in stolen accounts, and committing credit card fraud is all illegal, and those involved in this activity risk criminal prosecution. This activity also violates our Terms of Use, and both the seller and the buyer run the risk of console and account bans from Xbox Live.
"We also strongly encourage all of our members to visit our dedicated Xbox Live Account Security page at http://xbox.com/security to learn about ways they can help protect their account.
The original headline for this article read "Man Loses Xbox Account To Thief, Gives Thief Virtual Smackdown." It has since been changed.