Microsoft’s online storefront in India has been hacked and subsequently defaced by a Chinese hacking group that goes by the alias of EvilShadow. As of 12PM EST, visiting the website will display the message as screenshotted above. Links to the hackers’ blog have also been included, in which a post claiming responsibility for the attack can be found. With a little assistance of Google Translate, here’s what the post said:
Do not explain, line and over ~Black page Address: http://www.microsoftstore.co.in/evil.html
Shut down the organization’s internal group (119,883,641) added directly to the channel, and security enthusiasts who are interested can send the original articles, animations, tools to the mailbox <snipped> audit the ok, was open to join.
On the “black page” — subtly labeled Evil.html — the infamous Anonymous mask can be found. Below the image is the text, “Evil Shadow Team..Unsafe system will be baptized …” along with another link to their blog.
The motives behind this hack are currently unclear, but it’s likely that it was performed as a playful challenge, and not for social or political reasons.
UPDATE: This attack is far more severe than initially imagined. As reported by HackTeach (oddly enough, it seems that images may not show in Google Chrome), the hackers managed to gain access to the database, where Microsoft carelessly stored password data in plain text.
If you had an account on microsoftstore.co.in, we urge you to change your password (or passwords, if you used the same password here on other services), as it has been compromised.
UPDATE 2: As noted by The Verge, the site is now back in the hands of Quasar Media Pvt. Ltd. (which, as the Microsoft Store India ToS points out, is the company that Microsoft outsourced the operations of this store to.) As of 2AM EST, they are working to bring the site back up. Let’s hope that they are adding proper password hashing/SALTing this time.