Xbox Underground


Xbox Underground was an international hacker group responsible for gaining unauthorized access to the computer network of Microsoft and its development partners, including Activision, Epic Games, and Valve, in order to obtain sensitive information relating to Xbox One and Xbox Live.

Microsoft

Microsoft's computer network was compromised repeatedly by the Xbox Underground between 2011 and 2013. According to a 65-page indictment, the hackers spent "hundreds of hours" searching through Microsoft's network copying log-in credentials, source code, technical specifications and other data. This culminated in the perpetrators carrying out a physical theft, by using stolen credentials to enter "a secure building" at Microsoft's Redmond headquarters and exiting with Xbox development kits. Group members say they were driven by a strong curiosity about Microsoft's then-unreleased Xbox One console and associated software.
Beginning in or about January 2011, Microsoft was the victim of incidents of unauthorized access to its computer networks, including GDNP's protected computer network, which resulted in the theft of log-in credentials, trade secrets and intellectual property relating to its Xbox gaming system. p. 4

In or about September 2013, Alcala and Pokora brokered a physical theft, committed by A.S. and E.A., of multiple Xbox Development Kits from a secure building on Microsoft's Redmond, Washington campus. Using stolen access credentials to a Microsoft building, A.S. and E.A. entered the building and stole three non-public versions of the Xbox One console... p. 31

Apache helicopter simulator software

The group is also accused of breaching the computer network of Zombie Studios, through which they obtained Apache helicopter simulator software developed for the United States military. David Pokora was quoted as saying: "Have you been listening to the that I've done this past month? I have to the U.S. military. I have to the Australian Department of Defense... I have every single big company – Intel, AMD, Nvidia – any game company you could name, Google, Microsoft, Disney, Warner Brothers, everything."

Members

Four members of the group have pleaded guilty to charges. David Pokora, the first foreign hacker ever to be sentenced on United States soil, received an 18-month prison term on April 23, 2014 and was released in July 2015. Nathan Leroux and Sanad Odeh Nesheiwat were sentenced on June 11 and received 24 months and 18 months respectively; and Austin Alcala was due for sentencing in July, though he went on to cooperate with the FBI in resolving another criminal case involving the illegal trade of FIFA coins.
Dylan Wheeler, currently out of reach of the United States, lived in Australia at the time and was charged with a varying degree of charges. He was not convicted, having fled the country, and is currently living in Eastern Europe over human rights and political issues with his trial. His mother, Anna Wheeler, was later jailed for more than two years for helping him flee Australia to avoid criminal charges.
Wheeler alleges that a sixth member, Justin May, worked with the FBI "to bring down the group". May had previously been placed on pre-trial probation for an earlier offense involving data theft, the agreement of which required him to stay off Xbox Live. He came under renewed interest from the FBI in 2017 after they seized a new BMW coupe and $38,595 in cash that was hidden throughout his home.