Usually when you hear about some new exploit it’s from a hot shot hacker. Not today. Kristoffer Von Hassel, a five-year old boy from San Diego, found a way to access his father’s Xbox Live account. How? Through an exploit in Microsoft’s password verification set-up.
Here’s how it went down. Kristoffer entered a wrong password for his father’s Xbox Live account on Xbox One. This brought up a ‘password verification’ system. Kristoffer then filled the password field with spaces and hit enter. He now had access to his father’s Xbox Live account.
Kristoffer’s father then contacted Microsoft and made them aware of the exploit. Microsoft was quick to patch it and gave the kid four games, a year long Xbox Live subscription and $50. Microsoft also credited Kristoffer on its list of security researchers.
One question. How did this get by QA?
Kristoffer’s father told KGTV this isn’t the first time his son has found a way around locks. When he was one, he managed to get past the toddler lock screen on a cell phone by holding down the home key.
Don’t let him get near an ATM, or maybe do… Check out the video report from KGTV here.