Microsoft MSN Korea website hacked

It looks like hackers have some unfinished business with software giant Microsoft. For they have targeted the Microsoft Corp.'s popular MSN Web site in Korea and have activated password-stealing software which gave them access to passwords of the users on the site.

It was unclear as to how many users had been affected because of this. Analysts believe that this activity continued for upto three days before protective measures were undertaken. This attack is the latest in a series of penetrations into Microsoft's products that continue to plague the company even though it has invested millions of dollars to make its products safer.

To compound the misery of Microsoft, this break-in went undetected for days before a security company sounded the alarm on Sunday. Researchers at San Diego-based Websense Inc. discovered that the hackers had broken into the Korean site during routine scans on Sunday. Websense scans more than 250 million Web sites every week looking for sources of viruses and related problems that affect websites. Dan Hubbard, senior security director at Websense, said, "Our alarms went off (Sunday). We noticed it was infected."
A scan of MSN Korea site on the evening of May 27 had not revealed any intrusion, he added. Websense then quickly updated protective software to keep its own corporate customers safe. However, they were unable to reach Microsoft's officials due to the Memorial Day holiday weekend. Microsoft only came to know about this break-in by midday on Tuesday.

Within hours, the company had cleaned the Web site, www.msn.co.kr, and erased the software code that had been placed in its news page.

Microsoft spokesman, Adam Sohn, said, "Our preliminary opinion here was, this was the result of an unpatched operating system. When stuff is in our data center, it's easier to control. We're pretty maniacal about getting servers patched and keeping our customers safe and protected." He added that the Korean site was run by another company, which failed to apply necessary software patches to render the site safe. MSN Korea said that the attack affected only its news page on the site. MSN Korea employee Kim Ye-na, said that the hackers had planted an adware program called "Malware" that causes pop-up advertisements to appear in the user's computer.

The hackers targeted the Lineage game and stole passwords to game accounts, a fact that somewhat lessened the significance of the break-in. Hackers could not penetrate passwords to banking accounts. Mike Crouch, a spokesman for the U.S. subsidiary of South Korea-based NCSoft Corp, said that the Lineage game is among the most popular ones in Asia and has over 4 million subscribers, who pay about $15 each month. He added that as far as he was aware there was no increase in complaints by subscribers about stolen passwords tied to the Microsoft break-in. Meanwhile, Adam Sohn said the company was confident its English-language Web sites were not vulnerable to attacks of a similar nature.

Consequent to this news, Microsoft shares took a hit and fell 36 cents to $25.43 on the Nasdaq Stock Market.