Anonymous' Christmastime intrusion into global think tank Stratfor's servers compromised the personal information of around 75,000 paying customers, leaving a handful the victims of credit card fraud and the rest with their names and email addresses floating around the Internet for any ne'er-do-well to find and abuse.
According to a new Microsoft security report, fallout from the attack continues to affect Stratfor customers in the form of a phishing and malware combo attack.
Cyber criminals have used data obtained in the original December attack to launch an email scam targeting Stratfor members with malware, reported the Microsoft Malware Protection Center on Monday.
The email features Texas-based Stratfor's official letterhead and discusses the recent data breach, lending it an air of legitimacy. An attached .pdf file, however, instructs recipients to download bogus anti-virus software hosted in Turkey to protect against a similarly fake virus. Clicking the URL and downloading the accompanying .zip file infects computers with an actual strain of Zbot malware.
Stratfor was singled out by Anonymous' Antisec operation for perceived ties to big business and corrupt administrations. Some of the group's paying members were eventually outed as government employees and bank workers. At least two Stratfor hacking victims reported fraudulent credit card charges made to various charity groups.
Microsoft has seen its own gaming console the Xbox 360 become a playground for both hackers and phishers. Last fall, a rash of Xbox Live account hijackings made headlines, with players' online cash - Microsoft Points - being spent on additional content for FIFA 2011 and other sports games.
Jason Coutee, an XBL member whose account was hacked, discovered a possible vulnerability within the service's Windows Live ID sign-in system which could allow hackers to break into accounts with brute force. Microsoft later addressed the potential security hole with an update.
