An exploit that allowed hackers to generate new Microsoft Points codes from old ones has cost Microsoft roughly $1.2 million.
Websites offering free Microsoft Points are a dime a dozen and generally best avoided but on March 7 one went online that was, at least in some sense of the word, legit. A group of creative hackers came up with an algorithm that let them use old, existing MS Points codes to generate new ones and they put it online for all to share.
Each refresh of the site brought up a new 160 point code; one person claimed that he scrounged up $150 worth of points in about 20 minutes, but naturally others began having trouble accessing the site as traffic rapidly grew beyond capacity. For those in the know, a stand-alone code generator that could also generate codes for a Halo: Reach Banshee avatar prop or a 48-hour Xbox Live trial was available from various pirate sites.
Microsoft dropped the hammer on the operation fairly quickly but not before roughly $1.2 million worth of MS Points had been cranked out. No word yet on what the company plans to do about it; if it has a way of determining which points are counterfeit it could presumably ban anyone who tries to use them and possibly even track purchases to give the boot to anyone who generated and used the points before it got involved, but whether that's practical or even possible is unclear.
Source: Save and Quit