Hackers Booby Trap MSN
Microsoft is scratching its head trying to figure out how hackers hijacked MSN’s South Korean website (www.msn.co.kr). The invaders’ goal was to obtain user passwords.
Microsoft investigators scoured the site on Thursday, leading to the removal of the foreign software code that was added by the hackers. It is yet unclear how many users were affected by the hacker program designed to scan visitors’ computers for passwords.
The program was similar to hacking software found on some Chinese websites.
A spokesman for Microsoft dismissed the notion that it English-language website were vulnerable to a similar attack. The Korean MSN site is run by a separate company and Microsoft believes the operators neglected to install the necessary security patches.
“Our preliminary opinion here was, this was the result of an unpatched operating system. When stuff is in our data center, it’s easier to control. We’re pretty maniacal about getting servers patched and keeping our customers safe and protected,” said Microsoft spokesman, Adam Sohn.
The site was taken offline for 10 hours on Thursday, two days after security researchers noticed the malignant code on the news site of MSN (news.msn.co.kr).
Etimes, a partner company of MSN Korea, operates the server.
No customers have reported any problems yet, and no notice of the incident has been posted on MSN Korea’s homepage.