Independent security researchers contacted Microsoft on Tuesday after noticing ''suspicious programming'', and MSN Korea was offline for 10 hours on Thursday as a result. The site was back online Friday.
Microsoft confirmed the hacking, saying it acted quickly to remove the malicious code that had somehow been added to the site earlier in the week and launched an investigation into the breach.
''Microsoft learned of a criminal attempt to compromise an MSN Korea property hosted by a third party. The Microsoft Security Response Center and MSN response teams immediately mobilized to investigate the incident. Within a few hours... Microsoft took the appropriate action to resolve the issue and stop any additional criminal activity,'' said Adam Sohn, director of Global Sales and Marketing for MSN.https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i According to Microsoft, it is unclear how much, if any, user data was stolen and whether it is up for sale on any hacker networks.
''Microsoft is not currently aware of any customer impact as a result of this criminal activity, but will continue to investigate the incident and take any necessary action to help protect customers,'' said Sohn. ''Microsoft is cooperating with law enforcement to investigate and take appropriate legal action against those responsible.''
Initial indications point to un-patched servers that hosted the MSN Korea site as the vulnerability that led to the outage. The servers in question were not operated by Microsoft but had been outsourced to a local Korean provider. MSN's U.S. Web properties are managed and hosted directly by Microsoft.
The malicious code that infiltrated MSN Korea supposedly scanned users PCs and attempted to activate a keylogger that security researchers found on hacked Chinese Web sites.
This article was first published on internetnews.com.