Microsoft left red-faced after official blog and Twitter accounts hacked

Graham Cluley
Graham Cluley
@[email protected]

The Syrian Electronic Army has won another scalp this weekend, hijacking two official Microsoft Twitter accounts (@MSFTnews and @XboxSupport) as well as the company’s official blog on TechNet.

Microsoft Twitter hack

Microsoft blog hack

Microsoft has since wrestled control of its Twitter accounts back, but it’s clearly worried about what the hackers might have been up to on their blog – shutting them “for maintenance” for the time being:

Sign up to our free newsletter.
Security news, advice, and tips.

Down for maintenance

The pro-Assad hackers, who have managed to compromise the social media accounts of many media organisations and corporations in the last year or so using fairly rudimentary phishing techniques, were reported by Mashable to have said that they targeted Microsoft because they believe the company is assisting governments and intelligence agencies with surveillance.

This attack comes less than two weeks after Skype (which is owned by Microsoft) had its Twitter account, Facebook page and blog hijacked by the Syrian Electronic Army who phished password details from an unwary member of the company’s social media team.

If only the people looking after the @XBoxSupport and @MSFTnews Twitter accounts had followed the advice from their own firm’s security team, who warned of the threat of phishing attacks just days ago.

There’s no sign of the Syrian Electronic Army slowing down in its campaign of phishing attacks, designed to embarrass organisations and media outlets. Educate your staff about phishing attacks, and consider implementing two factor authentication to better control access to your social media accounts.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.