Language Selection

English French German Italian Portuguese Spanish

M$ Says MSN Site Hacked in S. Korea

Filed under
Microsoft

Microsoft acknowledged Thursday that hackers booby-trapped its popular MSN Web site in South Korea to try to steal passwords from visitors. The company said it was unclear how many Internet users might have been victimized.

Microsoft said it cleaned the Web site, www.msn.co.kr, and removed the dangerous software code that unknown hackers had added earlier this week. A spokesman, Adam Sohn, said Microsoft was confident its English-language Web sites were not vulnerable to the same type of attack.

South Korea is a leader in high-speed Internet users worldwide. Microsoft’s MSN Web properties — which offer news, financial advice, car- and home-buying information and more — are among the most popular across the Web.

The affected Microsoft site in South Korea offers news and other information plus links to the company’s free e-mail and search services. Its English-language equivalent is the default home Internet page for the newest versions of its flagship Windows software sold in the United States.

The Korean site, unlike U.S. versions, was operated by another company Microsoft did not identify. Microsoft’s own experts and Korean police authorities were investigating, but Microsoft believes the computers were vulnerable because operators failed to apply necessary software patches, said Sohn, an MSN director.

“Our preliminary opinion here was, this was the result of an unpatched operating system,” Sohn said. “When stuff is in our data center, it’s easier to control. We’re pretty maniacal about getting servers patched and keeping our customers safe and protected.”

Microsoft’s acknowledgment of the hacking incident was the latest embarrassment for the world’s largest software company, which has spent hundreds of millions of dollars to improve security and promote consumer confidence in its products.

Security researchers noticed the suspicious programming added to the Korean site and contacted the company Tuesday. Microsoft traced the problem and removed the hacked computers within hours, Sohn said, but it doesn’t yet know how long the dangerous programming was present.

In recent days no customers have reported problems stemming from visits to the Web site, Sohn said.

The hacker program scanned visitors’ computers and tried to activate password-stealing software that was found separately to exist on some hacked Chinese Web sites.

Microsoft said it was trying to decide whether to issue a broad public warning to recent visitors of the Korean site as it examines its own records to attempt to trace anyone who might have been victimized.

© 2005 The Associated Press.

More in Tux Machines

Distributions News: Ubuntu, Manjaro, and Lakka

  • Ubuntu founder retakes the CEO throne, many employees gone
    Mark Shuttleworth, the founder of Canonincal has once again returned to his positition of CEO, as Jane Silber, the previous CEO now heads to the Board of Directors; and big changes happen to the staff lineup as a result. In a blog bost by Sibler, she says, “I originally agreed to be CEO for 5 years and we’ve extended my tenure as CEO by a couple of years already. We’ve been preparing for a transition for some time by strengthening the executive leadership team and maturing every aspect of the company, and earlier this year Mark and I decided that now is the time to effect this transition.”
  • [Video] Manjaro 17.0 KDE Edition - See What’s New
    Manjaro 17.0 KDE is the latest release of Manjaro Linux. This release brings new KDE Plasma 5.9.x as desktop environment include the most of KDE applications 16.12 and KDE Frameworks 5.32.
  • Make your own NES Classic Edition with Lakka 2.0 LibreELEC Linux distro and Raspberry Pi
    The NES Classic Edition is a very fun nostalgia-based gaming console. As someone who grew up with Nintendo, I knew I wanted the mini system as soon as it was announced. A family member was able to score me one on launch day, and I've been very happy with it. Unfortunately, other people have not been so lucky. Supply was very limited and it has since been discontinued. If you do not already have it, you are sort of out of luck without paying high prices on eBay or Craigslist. If you are only looking to replay the NES games of your youth, and you are OK with doing it in an unofficial way, emulation is another route. In fact, if you'd rather not play these games on your PC, you can instead use a Linux-based operating system and a Raspberry Pi (or other devices) hooked to a television. One such distro is Lakka, which just reached version 2.0. It is arguably better than an NES Classic Edition as it can also play games from other systems, such as SNES, Sega Genesis, Nintendo 64, PlayStation 1, and many more.

Software: Monitoring Tools, VSXu, and FSearch

today's howtos

Linux Mint's Plans

  • Some Of The Features Coming To Linux Mint's Cinnamon 3.4 Desktop
    In the latest monthly progress report on Linux Mint, some of the upcoming changes for the GNOME3-forked Cinnamon Desktop Environment were shared.
  • Monthly News – April 2017
    Many thanks to all the people who donated to us and who help to fund our project. Donations are down to about 60% of what they were last year, but they’re still quite high. In the first trimesters of 2015, 2016 and 2017 we respectively received $23k, $40k and $25k. Our development team has gotten bigger and our budget is being extended to include some administrators and designers. Other figures and metrics indicate we’re growing so this probably just reflects an exceptional year for donations in 2016.
  • Linux Mint Is Adopting LightDM as its Login Manager
    Linux Mint is adopting the LightDM display manager to handle and authenticate user sessions. Revealing plans in its latest monthly update, Mint says it will formally drop the MDM Display Manager (MDM) in favour of LightDM with Mint 18.2, release date for which is as-yet unknown. The popular Ubuntu-based Linux distribution mooted a possible switch earlier this year, noting that it had a key feature MDM lacks (guest sessions), and has become something of a standard across distributions.
  • Linux Mint 13 support ends, LMDE to get MATE 1.18 soon, big changes heading to Cinnamon
    The news from the Linux Mint team was quite interesting this week. First up, Linux Mint 13 has officially hit EOL (end of life), so you really do need to upgrade. LMDE (Linux Mint Debian Edition) is set to get the MATE desktop version 1.18 "this week" and they have ported mintMenu over to GTK3, since the rest of MATE is now using GTK3 too it makes sense.