Security threats Toolkit

MSN Korea hacked

Joris Evers CNET News

Published: 03 Jun 2005 09:25 BST

Microsoft has discovered an apparent attempt by hackers to steal user information from its South Korean MSN Web site and has taken action to repair the problem.

The attack was directed at the news section of the MSN Korea Web site, said Adam Sohn, a Microsoft spokesman. Microsoft was alerted Tuesday morning that the site had been compromised and took the site offline for a few hours to fix the problem, he said.

Microsoft has received no reports of users falling victim to the attack. The software maker is still investigating the issue and has called in law enforcement to investigate and take action against those responsible, Sohn said.

Early investigation has shown that the attackers placed an additional frame on the Web site, a so-called IFRAME, Sohn said. These frames could be used in malicious attacks that take advantage of a flaw in Microsoft's Internet Explorer Web browser that the company patched last December.

The IE Elements flaw, also known as the IFRAME vulnerability, could allow an attacker to take control of a victim's PC. Microsoft's Windows XP Service Pack 2 security update is not vulnerable to the flaw.

Microsoft is confident that its other MSN Web sites are not vulnerable to the same type of attack. The Korean site, unlike the US and most other international MSN sites, was not hosted by Microsoft, but by a Microsoft partner, Sohn said. "There may have been unpatched servers," he said, which could explain the break-in.

In Microsoft's own data centres, the company makes sure its servers are patched and in secure physical locations, Sohn said.

Broadband and mobile Internet usage is popular in South Korea. The market is important to Microsoft's MSN group, which has trialled new services in the country.