Language Selection

English French German Italian Portuguese Spanish

M$ Says MSN Site Hacked in S. Korea

Filed under
Microsoft

Microsoft acknowledged Thursday that hackers booby-trapped its popular MSN Web site in South Korea to try to steal passwords from visitors. The company said it was unclear how many Internet users might have been victimized.

Microsoft said it cleaned the Web site, www.msn.co.kr, and removed the dangerous software code that unknown hackers had added earlier this week. A spokesman, Adam Sohn, said Microsoft was confident its English-language Web sites were not vulnerable to the same type of attack.

South Korea is a leader in high-speed Internet users worldwide. Microsoft’s MSN Web properties — which offer news, financial advice, car- and home-buying information and more — are among the most popular across the Web.

The affected Microsoft site in South Korea offers news and other information plus links to the company’s free e-mail and search services. Its English-language equivalent is the default home Internet page for the newest versions of its flagship Windows software sold in the United States.

The Korean site, unlike U.S. versions, was operated by another company Microsoft did not identify. Microsoft’s own experts and Korean police authorities were investigating, but Microsoft believes the computers were vulnerable because operators failed to apply necessary software patches, said Sohn, an MSN director.

“Our preliminary opinion here was, this was the result of an unpatched operating system,” Sohn said. “When stuff is in our data center, it’s easier to control. We’re pretty maniacal about getting servers patched and keeping our customers safe and protected.”

Microsoft’s acknowledgment of the hacking incident was the latest embarrassment for the world’s largest software company, which has spent hundreds of millions of dollars to improve security and promote consumer confidence in its products.

Security researchers noticed the suspicious programming added to the Korean site and contacted the company Tuesday. Microsoft traced the problem and removed the hacked computers within hours, Sohn said, but it doesn’t yet know how long the dangerous programming was present.

In recent days no customers have reported problems stemming from visits to the Web site, Sohn said.

The hacker program scanned visitors’ computers and tried to activate password-stealing software that was found separately to exist on some hacked Chinese Web sites.

Microsoft said it was trying to decide whether to issue a broad public warning to recent visitors of the Korean site as it examines its own records to attempt to trace anyone who might have been victimized.

© 2005 The Associated Press.

More in Tux Machines

Development of Linux 4.15

  • Broadcom Hurricane 2 & Allwinner R40 Supported By Linux 4.15
    More ARM platform upstreaming has taken place for the Linux 4.15 kernel development cycle among other ARM hardware improvements.
  • Intel Coffee Lake & Cannonlake Thermal Support In Linux 4.15
    While Intel Coffee Lake hardware is shipping already, a few bits of tardy kernel code for these "8th Gen Core" CPUs is only hitting the Linux 4.15 kernel. The Intel DRM driver is most notably enabling Coffee Lake graphics by default in 4.15, but there's also some thermal code now landing among other changes now happening. Zhang Rui sent in the thermal updates for Linux 4.15 on Thursday and they include late additions for Coffee Lake but at the same time the relevant additions for Cannonlake that will be shipping in 2018 as the next-gen Intel CPUs.
  • AMDGPU DC Pull Request Submitted For Linux 4.15 Kernel - 132,395 Lines Of Code
    One day after submitting the main DRM feature pull request for Linux 4.15, David Airlie of Red Hat has submitted the secondary pull request that would feature the long-awaited introduction of AMDGPU DC into the mainline kernel.

Tizen News: Knox, YouTube, Financial Apps

Red Hat: OpenShift Container Platform, CTICC, Quote-to-Cash

Kubuntu 17.10 review - Hello darkness my old friend

This must be one of the worst Kubuntu releases I've tried in a long time. Part of the fault lies with the parent distro, and the heartless switch to Gnome, which just shows that the passion to making Ubuntu an important desktop player is gone. This is just inertia and apathy. Still, there's so much wrong with Kubuntu on its own that I feel like a total fool for investing my time in this effort. And it also proves that there is only one good release for every three, showing that distro teams are overstretched roughly by 300%. The whole fast-release bullshit is just the modern-era agile-crap nonsense. It helps no one. Shitty products serve no purpose. Being fast for the sake of it is like running head first into an industrial blender to have your outstretched arms finely chopped by spinning blades. Kubuntu 17.10 Artful Aardvark makes me sad. Makes me angry. Zesty was one of the finest distros ever created. This is one of the worst. That makes no sense. How can it be? Where's the modicum of care and diligence to ensure this kind of stuff does not happen? Application crashes, kernel crashes, media bugs, weird artifacts. Horrible. My suggestion is not to upgrade for now. And even then, the foundation of your sanity is shaken. Come the upgrade, you do not know what will happen. You're hostage to arbitrary code decisions. There's no peace and stability in the Linux desktop. You will always have to dread the update process, not knowing what will break next. That is the essence of amateurism. And I'm right there, advocating Plasma and Kubuntu like the biggest of fools in this universe. Anyway, for the sake of public sacrifice, I'll also check 17.10 in-vivo upgrades on other machines, but my expectations are low. Aardvark gets 4/10. Don't bother for now, give it six months for the bugs to be fixed before a new release erases the slate and the cycle of depression starts again. Read more Also: First Look At Linux Mint 18.3 Sylvia Beta