Microsoft’s India Store Hit By Hackers, User Database Exposed

February 14, 2012 0

India — In another annoying act, Chinese hackers under the garb of EvilShadowTeam struck India’s online Microsoft store over the weekend. The software giant Microsoft is now examining a “limited compromise” of the company’s online store in India, the company said Monday.

If you have an account on the store, you should change your password immediately as visitors to microsoftstore.co.in are met with the following message: “The Microsoft Store India is currently unavailable. Microsoft is working to restore access as quickly as possible. We apologize for any inconvenience this may have caused.”

(Credit: Microsoft)

Microsoft confirmed the news in the following statement sent to CNET:

Microsoft is investigating the minimal compromise of the company’s online store in India. Customers have been notified and provided with guidance to reset their passwords. We are diligently working to remedy the incident and keep our customers protected.

Outrageously, a Chinese group of hackers branding itself as Evil Shadow Team took credit for the hack, posting screenshots of obscured usernames and passwords that it found unencrypted on the site, according to Reuters. The group touted the attack on its own blog (here is an English translation). posting a screenshot of the hacked Web site with the message: “Unsafe system will be baptized.”

The hack, first reported by wpsauce.com and uncovered by the Times of India, occurred last night. The website was replaced with an image of a hooded individual wearing a Guy Fawkes mask–the symbol of hacker collective Anonymous– with the line “Evil Shadow Team” at the bottom.

A Chinese member of Evil Shadow Team known as 7z1 posted on his blog that he was a “patriotic” hacker.

(Credit: ps.s.blog.163.com)

As a matter of fact, the site is in Chinese, HackTeach has images that illustrate the extent of the damage and just how unprepared the India Microsoft Store was for an attack like this.

“The store customers have already been sent guidance on the concerning the situation and suggested immediate actions,” the company said in a statement.

Wpsauce.com later said that 7z1 and his partner, Ancker, accessed the site’s database, including passwords. They later uploaded a file titled evil.html with the data. In addition, the usernames and passwords of some customers may have been exposed, and users are being advised to change their passwords immediately, said a person close to the situation, who declined to be named. Financial information of customers has not been exposed, the person said.

The store was hugely vandalized over the weekend by hackers who claimed to be Chinese. The hackers also released images of what appeared to be lists of users’ names and passwords.

Assessing the root cause of the issue, it is supposed that India has border disputes with both China and Pakistan, and the animosity gets reflected on social media networks, and in hacks of websites on both sides of the borders. Some top Indian websites including that of the country’s Central Bureau of Investigation have been hacked.

1,651 websites were defaced in India in November, according to data from the Indian Computer Emergency Response Team (CERT-In). Moreover, last October, Microsoft’s YouTube account was hacked and advertising-themed videos were uploaded.