Skip to main content

Refurbished Xbox Consoles May Be Hacked For Credit Card Info

Researchers claim that important information, such as credit card credentials, can be extracted with ease from used Xbox consoles, even if the hard-drive has been successfully formatted.

Ashley Podhradsky , a member of the research team at Drexel University, claims that her team successfully pulled out credit card data from a refurbished Xbox, simply by using software modding tools. Known for their use to "unlock" the console and allow the owner to install unofficial versions of popular games, these programs share core files and folders where important info is being stored.

Although the data should have been deleted using the factory reset option, or in this case, by Microsoft's authorised reseller, Podhradsky says that Microsoft "does a great job of protecting their proprietary information. But they don't do a great job of protecting the user's data."

The researcher claims this process to be very similar to a Windows OS format, where Microsoft advises that all the information will be erased - when in fact some bits of data are still available afterwards.

A safe solution to completely wipe an Xbox console is to pair it with a computer and run a 3rd party application, called Boot and Nuke (opens in new tab). This process also applies to any hard disk detected by the computer, so it can also be used for computers, smartphones and even other types of consoles.

Competitors like the PlayStation 3 or Wii have yet to be analysed.

Source: Kotaku (opens in new tab)