Language Selection

English French German Italian Portuguese Spanish

M$ Says MSN Site Hacked in S. Korea

Filed under

Microsoft acknowledged Thursday that hackers booby-trapped its popular MSN Web site in South Korea to try to steal passwords from visitors. The company said it was unclear how many Internet users might have been victimized.

Microsoft said it cleaned the Web site,, and removed the dangerous software code that unknown hackers had added earlier this week. A spokesman, Adam Sohn, said Microsoft was confident its English-language Web sites were not vulnerable to the same type of attack.

South Korea is a leader in high-speed Internet users worldwide. Microsoft’s MSN Web properties — which offer news, financial advice, car- and home-buying information and more — are among the most popular across the Web.

The affected Microsoft site in South Korea offers news and other information plus links to the company’s free e-mail and search services. Its English-language equivalent is the default home Internet page for the newest versions of its flagship Windows software sold in the United States.

The Korean site, unlike U.S. versions, was operated by another company Microsoft did not identify. Microsoft’s own experts and Korean police authorities were investigating, but Microsoft believes the computers were vulnerable because operators failed to apply necessary software patches, said Sohn, an MSN director.

“Our preliminary opinion here was, this was the result of an unpatched operating system,” Sohn said. “When stuff is in our data center, it’s easier to control. We’re pretty maniacal about getting servers patched and keeping our customers safe and protected.”

Microsoft’s acknowledgment of the hacking incident was the latest embarrassment for the world’s largest software company, which has spent hundreds of millions of dollars to improve security and promote consumer confidence in its products.

Security researchers noticed the suspicious programming added to the Korean site and contacted the company Tuesday. Microsoft traced the problem and removed the hacked computers within hours, Sohn said, but it doesn’t yet know how long the dangerous programming was present.

In recent days no customers have reported problems stemming from visits to the Web site, Sohn said.

The hacker program scanned visitors’ computers and tried to activate password-stealing software that was found separately to exist on some hacked Chinese Web sites.

Microsoft said it was trying to decide whether to issue a broad public warning to recent visitors of the Korean site as it examines its own records to attempt to trace anyone who might have been victimized.

© 2005 The Associated Press.

More in Tux Machines

Red Hat and Fedora

Android Leftovers

Zorin OS 12 Beta - Flat white, no sugar

I did not do any other testing, no extensive tweaking, no customization. I felt no need or desire to do so. Now, do remember Zorin OS 12 is still in beta, so we can excuse some of the problems we see here. But others are purely Ubuntu, and have been ported over from the parent distro without any discrimination or any improvements and fixes introduced in the last six months. The big offenders include: multimedia and smartphone support, poor software management, and then the somewhat heavy utilization and slow performance. Zorin is quite pretty but weary on the eyes, it tries perhaps too hard to be more than it is, and overall, the value it brings is negatively offset by the myriad papercuts of its design and the implementation of its unique style, plus the failings of the Ubuntu family. It's an okay choice, if you will, but there's nothing too special about it anymore. It's not as fun as it used to be. Gone is the character, gone is the glamor. This aligns well with the overall despair in the Linux desktop world. Maybe the official release will be better, but I doubt it. Why would suddenly one distro excel where 50 others of the same crop had failed with the exact same problems? Final grade, 5/10. Test if you like the looks, other than that, there's no incentive in really using Zorin. Oh how the mighty have fallen. Read more

PlayStation 4 hacked again? Linux shown running on 4.01 firmware

Hackers attending the GeekPwn conference in Shanghai have revealed a new exploit for PlayStation 4 running on the 4.01 firmware. In a live demo you can see below, once again the Webkit browser is utilised in order to inject the exploit, which - after a conspicuous cut in the edit - jumps to a command line prompt, after which Linux is booted. NES emulation hilarity courtesy of Super Mario Bros duly follows. Assuming the hack is authentic - and showcasing it at GeekPwn makes the odds here likely - it's the first time we've seen the PlayStation 4's system software security compromised since previous holes in the older 1.76 firmware came to light, utilised by noted hacker group fail0verflow in the first PS4 Linux demo, shown in January this year. Read more Also: 'Deus Ex: Mankind Divided' Coming To Linux In November, Mac Port On Hold