5-year-old hacks dad’s XBOX account; Microsoft calls boy ‘security researcher’

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

Hacking your Xbox: So easy, even a 5-year-old could do it?

A San Diego boy has the gaming world’s attention after he exposed a security flaw that let him log into his dad’s Xbox Live account, without permission, on the family’s Xbox One console.

“I was like … yeah!” young Kristoffer Von Hassel said to KGTV-10, a CNN affiliate.

Kristoffer’s father, Robert Davies, noticed soon after Christmas that his son was logging into his account and playing games that weren’t appropriate for his age. When he asked how, Kristoffer showed him a hack that seems simple in retrospect but is fairly impressive considering a 5-year-old found it.

Kristoffer would go to his dad’s account and type in an incorrect password. That would take him to a password verifications screen, where he would simply tap the space bar repeatedly and then press “enter.”

5-year-old hacks XBOX

(Photo: CNN)

“How awesome is that?” asked Davies, who works in online security himself. “Just being 5 years old and being able to find a vulnerability and latch on to that. I thought that was pretty cool.”

He told KGTV that Kristoffer has figured out three or four other “hacks,” including getting past the lock on a smartphone by holding down the “home” key for long enough.

Dad reported the vulnerability to Microsoft. And Microsoft acted, issuing a fix for the vulnerability.

“We’re always listening to our customers and thank them for bringing issues to our attention,” the company said in a written statement. “We take security seriously at Xbox and fixed the issue as soon as we learned about it.”

The company has even included Kristoffer’s name on a list of security researchers who have helped make online Microsoft products safer.

For his discovery (or, more accurately, for reporting it with his father’s help), Kristoffer will receive four games, $50 and a year’s subscription to Xbox Live from Microsoft.

Whether a career in computer security awaits remains to be seen.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


Notice: you are using an outdated browser. Microsoft does not recommend using IE as your default browser. Some features on this website, like video and images, might not work properly. For the best experience, please upgrade your browser.