Microsoft grapples with attack on MSN Korea site

Microsoft has discovered an apparent attempt by hackers to steal user information from its South Korean MSN Web site and has taken action to repair the problem.

The attack was directed at the news section of the MSN Korea Web site, said Adam Sohn, a company spokesman. Microsoft was alerted Tuesday morning that the site had been compromised and took the site offline for a few hours to fix the problem, he said.

Microsoft has received no reports of users falling victim to the attack. The Redmond, Wash.-based software maker is still investigating the issue and has called in law enforcement to investigate and take action against those responsible, Sohn said.

Early investigation has shown that the attackers placed an additional frame on the Web site, a so-called iFrame, Sohn said. These frames could be used in malicious attacks that take advantage of a flaw in Internet Explorer, which Microsoft patched last December.

The IE Elements flaw, also known as the iFrame vulnerability, could allow an attacker to take control of a victim's PC. Microsoft's Windows XP Service Pack 2 security update, or SP2, is not vulnerable to the flaw.

Microsoft is confident that its other MSN Web sites are not vulnerable to the same type of attack. The Korean site, unlike the U.S. and most other international MSN sites, was not hosted by Microsoft, but by a Microsoft partner, Sohn said. "There may have been unpatched servers," he said, which could explain the break-in.

In Microsoft's own data centers, the company makes sure its servers are patched and in physically secure locations, Sohn said.

Broadband and mobile Internet usage is popular in South Korea. The market is important to Microsoft's MSN group, which has trialed new services in the country.

Hackers or Homeland security?

It would be my guess that Homeland security would have a more that casual interest in the MSN Membership of Korea. There new super cuybersquad has to get some field training somewhere... Duuu