Slashdot Mirror
Korean MSN Site Hacked
An anonymous reader writes "CNN is reporting that MSN's Korean website was hacked in order to allow usernames and passwords to be stolen. Microsoft is initially blaming unpatched, outsourced servers. Just another embarrassment to Microsoft's security push."
We all know microsoft doesn't trust windows to run its webservers!
from a sincere admin
Untold number of "In korea, only old people..." bad jokes are on their way.
In Korea, only old people hack a worthless-piece-of-shit OS.
Yes! I listen to NYC Speedcore and do math at 3AM. I suggest you try it too.
In Korea, only old people use MSN. Only dead people use AOL.
I assume they weren't using *nix? =)
"I cannot think of any need in childhood as strong as the need for a father's protection." -- Sigmund Freud
Anyone got a mirror of the defacement?
We as voters have given up essential liberty. We hoped to purchase a little temporary safety. We in fact deserve neither
Yet another security issue related to microsoft. Since when is that news?
(nelson) Haha (/nelson)
They might steal all the old peoples' email passwords!
In korea only old people use MSN.
So the server was also old (unpatched)
~Aha~
... are belong to everyone else.
Hopefully, this incident will remind MSN of the importance of always making sure they have applied the latest patches, updates, and service packs from Microsoft's Windows Update site.
Hear recorded Slashdot headlines on your phone! New service beta testing. Just call (248) 434-5508
It's not really an embarrassment to Microsoft. It's an embarrassment to Koreans who have long been the leaders in wide-spread broadband and internet usage. You'd have expected that they, of all nationalities, would have their act together when it came to running servers. Unfortunately, it seems that even they are not immune to hacks.
Which is all for the better, of course. The more these systems are attacked, the harder they become. Kind of like how the SR-71's outer plating would become harder each time it took to the skies, or like how the samurai's katana becomes harder each time it is thrust into the forge. Systems become stronger by trial.
So next time there won't be this problem. That there was a problem this time is unfortunate, but like the lessons of history, this experience will make the victims Better. Stronger. Faster than before.
Please slashdot, you're not doing any justice by harping on Microsoft. Your bias is just disgusting. Why don't you post one of the 1,000,000 Linux defacements or break-ins that happen monthly?
And I know I'm posting Anonymously. I don't have an account nor do I care to create one at your site until you stop being the Fox Network equivalent for Tech News.
Microsoft is initially blaming unpatched, outsourced servers.
Looks like they didn't install SP2, enabled the firewall, and have automatic download of Windows Updates enabled. I guess Microsoft forgot to pay extra for having "secured" servers when they signed the outsource contract. It's a shame that they have to eat their own dogs... uh, food.
>>> The Korean site, unlike U.S. versions, was operated by another company, which Microsoft did not identify. Microsoft's own experts and Korean police were investigating, but Microsoft believes the computers were vulnerable because operators failed to apply necessary software patches, said Sohn, an MSN director.
Don't trust other companies to apply security patches for your site.
Don't try to use the force. Do or do not, there is no try.
From Netcraft:
/ /www.msn.co.kr
Windows Server 2003
Microsoft-IIS/6.0 9-Dec-2004
http://toolbar.netcraft.com/site_report?url=http:
http://www.thebricktestament.com/the_law/when_to_
"CNN is reporting that MSN's Korean website was hacked in order to allow usernames and passwords to be stolen. Microsoft is initially blaming unpatched, outsourced servers. Just another embarrassment to Microsoft's security push."
Yes, Microsoft has a good deal of well-deserved bad karma. That you could consider this to be a failing of their software is ridiculous, though. If this is an embarassment to Microsoft, many Free, Open software packages of every sort, from Apache to Linux to OpenBSD to OpenSSH have been so embarassed.
I'm all for calling out Microsoft when they're (a) full of marketing bullshit, (b) way behind everyone else technically, and (c) playing dirty politics. They deserve to be criticized then. But this is simply a non-event. They had a website get cracked. Big deal. Heck, Sourceforge, the largest repository of Open Source software, has been cracked multiple times, if you want an Open Source counterpart.
Blame Microsoft when they deserve it, and your words will get more weight. If Oracle had run out and said that "Our database is hacker-proof", and the next day their website had been broken into and their database cracked, that would be a fair point to criticize someone. But simply "you had a website cracked" is no longer a big deal for most companies.
Any program relying on (nontrivial) preemptive multithreading will be buggy.
-- "I never gave these stories much credence." - HAL 9000
Not that this is very important, but they wouldn't be running their servers with SP2.
They are likely running Windows Server 2003 and the latest service pack for WS2K3 is SP1. SP1 for WS2k3 came out after SP2 for XP so it should contain everything that SP2 contains.
The Internet is full. Go Away!!!
Only old servers are unpatched.
503 Sig Unavailable
The Signature could not be accessed. Please try again later or contact the administrator
LOL ROFLMAO!
[sorry -- I really couldn't resist]
Microsoft eats own dogfood, suffers serious indigestion.
I'd love to see Gates have a tantrum over this one. Someone is going to get flying-ninja kicked in the nuts.
http://www.thebricktestament.com/the_law/when_to_
I, for one, welcome our new Korean overlords.
Microsoft's software security push likes to be tied in a chair with a gag in its mouth, while its boyfriend makes love to another man in front of it. It is embarassed when it finds another blackened spoon in the bathroom after he promised to quit. But Koreans stealing its passwords is not embarassing.
"Korean Windows Update Site Hacked"
I am sorry, Microsoft, but I don't give a damn that you outsourced your servers. The customer is buying your name and reputation when they buy your product. So, you may have saved money on the bottom line, but you have squandered trust the consumer had for you. At some point in the future, you will realize what a valuable commodity this was and how expensive it is to re-acquire.
"To those who are overly cautious, everything is impossible. "
Aww how cute! Look at all the Anti-Corprate Gates haters. Maybe if there were as many Linux haters you would see the same happen to Linux systems.
someone proves that the person who submitted this news article isn't the hacker himself.
It's no surprise that this happened in Korea. I haven't ever met a Korean who didn't think that everything under the sun was invented in his country. I've even met quite a few who thought that Jesus Christ retired in Korea after the crucifixion. Even today, they are trying to lay claim to Japan's Tokushima islands with protestors setting themselves on fire (??!) and stabbing themselves with sharp objects.
It's no wonder that a "we can do no wrong" culture leads to this type of situation.
How's that old saw go? Pride goeth before destruction, a haughty spirit before a fall.
Security researchers noticed the suspicious programming added to the Korean site Tuesday and contacted the company.
Microsoft/its hosting company didn't even notice the problem. Sombody had to tell them their own site was hacked. Security Through Good Luck(TM).
Microsoft said it was trying to decide whether to issue a broad public warning to recent visitors of the Korean site...
Thats good; keep users ignorant. Way to go.
According to netcraft.
r
(I was expecting this to be an 'ironically linux', but no)
http://uptime.netcraft.com/up/graph?site=msn.co.k
http://msn.co.kr/ was running Microsoft-IIS on Windows Server 2003 when last queried at 3-Jun-2005 04:32:08 GMT - refresh now Site Report
Try out the Netcraft Toolbar! FAQ
OS Server Last changed IP address Netblock Owner
Windows Server 2003 Microsoft-IIS/6.0 26-Dec-2004 207.46.78.16 Microsoft Corp
Windows 2000 Microsoft-IIS/5.0 1-Nov-2004 207.46.78.16 Microsoft Corp
Windows 2000 unknown 31-Oct-2004 207.46.78.16 Microsoft Corp
Windows 2000 Microsoft-IIS/5.0 12-Sep-2004 207.46.78.16 Microsoft Corp
Windows 2000 Microsoft-IIS/5.0 8-May-2004 207.46.68.21 Microsoft Corp
Windows 2000 Microsoft-IIS/5.0 13-Feb-2003 207.46.68.21 Microsoft Corp
Windows 2000 Microsoft-IIS/5.0 29-Jun-2002 207.46.89.101 Microsoft Corp
Windows 2000 Microsoft-IIS/5.0 8-Jan-2002 207.68.182.61 Microsoft Corp
Windows 2000 Microsoft-IIS/5.0 28-Nov-2001 207.68.182.53 Microsoft Corp
FreeBSD Microsoft-IIS/5.0 27-Nov-2001 207.68.182.53 Microsoft Corp
No uptime is currently available for msn.co.kr.
kekekekekekekekeke ^_____________^
This is why Sun doesn't allow Windows clients to connect to their internal network. Windows is a liability.
In other Korean news, Jeon Ji Hyun is still a very Sassy Girl.
"Microsoft said it cleaned the Web site, www.msn.co.kr, and removed the dangerous software code... "
I got $5 that says this translates to "formatted and reinstalled the OS..."
No unauthorized use. Trespassers will be shot. Survivors will be shot again.
The same typical people will come on here and post about how they hate M$ and this is their fault because having an enemy gives them a sense of self and identity as part of the /. groupthink. Of course as usual /.'ers miss the point. This story has more to do with international
relations than M$. But as usual /. bias comes through. /. cares more for rumor, gossip and bias especially if it's directed at its supposed enemies. Anyone who points this out of course will be modded down accordingly.
Microsoft is initially blaming unpatched, outsourced servers.
Outsourced your MS jobs to Asia, and now outsourced servers are taking revenge.
MS: 0
Offshored U.S. Techies: 0
Globalization: 2
(Relax, itsa half joke)
Table-ized A.I.
MS can't afford to run their own servers?
The MS Server 2003 licensing fees are too high, so they outsource it to a cheaper locale - uhmmm...
Yup sure sounds sounds like the appropriate people to bash. Who says there is no bias here?
"The Korean site, unlike U.S. versions, was operated by another company, which Microsoft did not identify. Microsoft's own experts and Korean police were investigating, but Microsoft believes the computers were vulnerable because operators failed to apply necessary software patches, said Sohn, an MSN director."
RTFA
nuff said
At least not that I've seen in my limited Windows admin experience. They always seem to be manual hotfixes and service packs.
Go back to journal trolling...
n/t
Just another embarrassment to Microsoft's security push.
No, this is a classic case of why outsourcing mission critical systems and/or data is wrong. It also goes to show that it's NECESSARY to patch mission critical hardware (hell, even non-mission critical Spider Solitaire machines).
We all have issues with MS, but this time it isn't directly their fault.
...old AND young people would hit that.
I'd take Ji Hyun over Baek Doo San any week.
This wouldn't have been that big of a deal if Microsoft's security push came w/ Trust in a Bottle...
[o]_O
I actually don't think it has anything to do with journalistic integrity. I think the trolls on this site are on a disruptive campaign to start flame wars. This is the second article this week that has an overbearing bias towards M$. If you notice straight away the comments start coming about /. bias and people are modded down accordingly. Why? Because the trolls are coordinating not only the articles but coalescing to mod (a number of the mods are trolls) down people so as to incite more hatred of not only /. but M$ as well. This happens week in week out. It won't stop till there is an investigation of the massive highly organised trolling that goes on here on /.
I've been getting "SSL certificate couldn't be verified" messages when logging into Hotmail for the past few days. I'm in the US. The article says nothing about US sites, but it sure seems like a big coincidence that Hotmail has been acting up for me around the same time that this was going on.
hello dear sirs my name is jamesh i are india (bihar) can u guide me install red had linux 9?
Dupe!! ... Oh, hold on, Korea this time. Well in this case I'd like to put in a pre-emptive dupe... its bound to happen again.
"I'm going to f***ing bury that guy, I have done it before, and I will do it again. I'm going to f***ing kill Google"
There could indeed be some good Korean hackers behind this.
Remember, Debian's servers were hacked a while back. People who live in glass houses shouldn't throw stones.
Computers are only as safe as the person(s) looking after them, and that goes for any operating system.
So true, so true. You know what'd louse up /.'s pitiful existence? Spreading this new meme around the Internets. Slashdot: Fair & Balanced (R)
The hackers used the Zerg rush.
Bill Gates: Chairman Il, I'm calling in regards to your proposal to develop MSN-orthKorea.
Kim Jong Il: Ahh, yes. I would like all searches to return two results--the party's web page and Western blondes. And the butterfly is too free. Can you change it to a moth made from gray wool and the sorrows of my people?
Bill Gates: I think we can do that. MothXP (formerly My Moth) enables you to go that place today.
Kim Jong Il: Excellent... Can you make the moths old?
Attention people of Afghanistan! We flushed a Koran down the toilet, not a Korean. Chill out will you?
Your friends,
The guards at Gitmo
"Remember, Debian's servers were hacked a while back. People who live in glass houses shouldn't throw stones."
We of the Glass House Council highly recommend that people continue throwing stones.
Maybe you better stay inside under your mom's skirt. It's not safe for kids to be playing out here on the internet.
So next time there won't be this problem. That there was a problem this time is unfortunate, but like the lessons of history, this experience will make the victims Better. Stronger. Faster than before.
Not always. Sometimes the experience leaves the victim Dead. Extinct. Irrelevant. (cf : Dinosaurs)
My next sig will be ready soon, but subscribers can beat the rush
Heh. I now, officially, think Korea is cool.
I wasn't a fanboy when Sega was around, and by god, I'm not one now.
You're forgetting that you can't just compare raw numbers like that.
Apache runs a lot more web servers than IIS. Despite BSD being way more secure than Linux it is also used much less frequently.
Statistics like these are probably the most useless in determining security in terms of safety. I can't say for certain, but more than anything they probably say more about the commonality of the respective programs and operating systems.
Especially when looking at most of these "hacks" they are really just web site defacements, most of which don't count against specific operating systems or web servers.
A lot of attacks like those are done by taking advantage of holes in web software, ie SQL injections, or exploiting other flaws in script logic.
Oh well... I'm wasting my time.
Only One OS has NEVER been hacked or rooted ever!
And that is MacOS.
(Not the FreeBSD derived OSX, the Classic Mac OS)
Running any version of MacOS is 100% safe and with ANY version of Webstar webserver that runs on MacOS, and has never once ever had a break in. In the entire history of BugTraq's huge database of exploits not one remote exploit has ever once been found in MacOS, and running as a server is 100% safe.
There are about 10 technical reasons for this, and it is not just luck. Unfortunately, about all 10 technical reasons are not part of the OSX universe.
This is why many universities and ever the US ARMY dropped linux, unix AND windows and swapped to MacOS years ago.
In the recent year the www.USARMY.mil web site swapped from MacOS to OSX to use it as a honeypot, despite using MacOS on other mil servers, but few people seem to want to try embarrasing the us army web site yet again, mainly because of draconion punishment and jackbooted retribution, though I feel OSX is a big mistake for a web server, as is any bug-ridden easily exploited OS.
The MacOS has not ever been exploited, once ever, though in 1996 or 1997 a third party web assisting tool for web site purchasing services was found to have an exploit but was rapidly patched and was a rare and little used product. It is the sole and ONLY entry in the entire BugTraq database or in any published defacements or rooting in any search engines.
Hell I even forgot the name of the little used applet tool for MacOS web servers.
But I will NEVER forget that the most secure web servers run WebStar on macOS.
Umm for all the MS lovers saying it's not Microsoft's fault, I work for a large web hosting comapany (work on UNIX servers, not Windows but still see everything that happens on both sides) and 99% of compromised boxes come from shit code allowing exploits. So one Microsoft representative claims it was the fault of an unpatched system, well I'm not buying it. More likely it was an exploit in shit code from a company whos specialty is insecure code.
Ubuntu: If at first you don't succeed, blindly slap a sudo in front of it
Really, if the problem was that the servers were unpatched, why is that supposed to be something embarrassing to Microsoft?, I say that the ones who should be embarrassed are the systems administrators who are mediocre enough to not patch their systems knowing how much risk was and is at stake!
This type of problem would have been likely to happen in just about any other unpatched operating system... be it UNIX or not UNIX, it would' have not made any difference whatsoever.
Insanity: doing the same thing over and over again and expecting different results.
SP2?
Windows 2003 has only just received SP1. SP2 is for Windows XP.
Ever get the feeling that a lot of people on Slashdot that comment on servers have never had to run any?
>
That must qualify as informative - it's not often that slashdotters see pictures of an oriental girl with her clothes on.
Sheesh, evil *and* a jerk. -- Jade
MS has been cracked before. Just 2 years ago, they had russians crawling throughout their network.
In addition, when has MS ever taken responsibility for their actions?
At this point, if MS says that the other company did not stay up on patches, I am not inclined to believe them. I think that something else happened, and MS just wishes to blame them. And the korean company will take the blame just to keep the business.
But I do have to say that I am a bit surprised that MSN would use an outsourced company for this since they have a large operation in Korea.
I prefer the "u" in honour as it seems to be missing these days.
Have a look
/ /www.msn.co.kr/
http://toolbar.netcraft.com/site_report?url=http:
Look for nameserver. At last proof positive !!!
After they balanced the spawning pool from 150 to 200 minerals, zerg rush now never works unless the map is tiny or you're a newb. All you need is some well placed buildings, a bunker, a sunken colony, or cannon to easily fight off a zerg rush. Even 2 on 1 should be no problem if you use your miners to attack. 3 on 1, well, that's what allies are for, isn't it?
If you can't take a little bloody nose, maybe you'd better just go home and crawl under your bed. It's not safe out here. It's wonderous, filled with wonders to satiate desires both suttle and gross, but it's not for the timid.
Which means you might find yourself unwittingly running it one day, lulled into a false sense of security....
Microsoft's virtual monopoly for the desktop OS means that security vulnerabilities are profitable. People buy a new computer when they find the old one has become slow. The don't realize they are infected, and that their computer became imperceptibly slower each time it got infected.
Sorry, I wrote 'Korean' when I meant 'American'.
And why should I trust that list?
I do not misunderstand why people feel the need to defend Bill Gates and company, unfortunately.
"Just another embarrassment to Microsoft's security push."
Another embarassment for who "Nerds" who read the popular "News for Nerds. Stuff that matters. -- A popular technology news website"?
That's like having a Christian missionary meeting in a city that only allows Christians to live there.
Do you actually think wind of this news about Microsoft will reach real news sources such as MSNBC, FOX, and others? Yes, this article is on cnn's website, but I'm talking about newspaper and TV.
The amount of people who have power (e.g. corporate types who make decisions) are more likley to be reading the Wallstreet Journal than logging on at night to http://cnn.com/
So after all, this isn't an embarassment to Microsoft at all, as nobody important will ever see this article.
You wouldn't trust them beyond $5 to do the right thing?
I don't gamble, but I'd give close to half odds that the first thing they did was use symantec. I'd even give better than one in ten that they might not even yet have wiped the system. And I'd even give close to 1 in 2 that they have not yet pulled the raid, restored from last week's backup, and started scrubbing executables from the the off-line db raid so they can extract and update.
Man. panic time.
According to cnn, the opening that was being talked about was an opening on MSIE, not on IIS. These frames could be used in malicious attacks that take advantage of a flaw in Microsoft's Internet Explorer Web browser that the company patched last December.
IOW, the opening that everybody is talking about is on the client, not on the server. At this time, I would not trust anything that is coming from MS (or the news). The news will probably go after MS, while MS will try to spin it in their favor. Personally, I suspect that MS actually tried to spin by implying that the missing patch was on the server, and the reporters did not pay attention. Anymore it seems like most reporters miss the real stories.
I prefer the "u" in honour as it seems to be missing these days.
Shouldn't this also be in "It's Funny, Laugh"?
MacOS servers have never been rooted remotely or defaced according to entire BugTraq database.
No patches ever needeed. no exploits found EVER.
i am talking macOS not unix-freebsd-OSX
Anyone else find a Kornet IP responsible for 99% of attempted attacks?
IIS Hacked, No way. Now thats breaking news.
People wonder why people have doubts about open source. One reason is accountability.
If linux.org got hacked, who'd care, or even if slashdot ( remember ). MS at least is standing up and admiting it has a problem. OS just hides behind it's structure. Because we are open we will get patched.
Somebody hacked into their computers in order to steal password, not to shame MS. Be mad at the hackers for once. Is this going to be any different if/when MS is not king of the hill? No, get over it.
On a side note. Has slashdot ever consider not allowing posts to a story? This is a classic example of a useless post section. About the only thing useful might be how they got in, but no is going to know that until this story isn't on the front page.
Can we IhateMS.slashdot.org and stick these stories there?
In Korea, only old servers are used for email...
# cat
Damn, my RAM is full of llamas.
So, if this story makes MS look bad, then by that logic I can go and WinNuke -- with my 1337 skillz -- whatever remaining Windows95 boxes are out there, and call it a victory against MS as well?
The moral of this story seems to be fairly simple; outdated, unprotected software can -- and will be -- exploited. This isn't MS-specific, unless you're some special kind of ignorant.
Great inflammatory headline from SC Magazine. Those crazy North Koreans are ready to attack the US with an army of hackers. Apparently they have just bought a load of pc's running windows 3.11 and they're as mad as hell!!
Don't like Slashdot? don't come here.
Your server can only be as secure as the quality of the people you hire. It's totally possible to run a totally insecure Linux server and it's also totally possible to run a completely secure Windows server. The people that manage the servers just have to know what they're doing, on either OS. People that blame the OS for their hacks should really blame the person that manages it.
I like my women how I like my sugar.. granulated.
Could you name an example? Last year, several Open Source projects have reported that some of their servers were hacked into. I definitely remember Debian going though lists of MD5 hashes to find back older known-good versions of their files.
But maybe you can enlighten us? btw, I am not saying that Open Source is somehow 'better than Microsoft' in this case. It's just that you saying that people probably don't see something is rather hard to prove for the people you speak to ("Hey, I don't know any project that told me they were hacked, it must be true!").
So the idea is that Microsoft may not be responsible for the security and user safety of online services with their name on it because they may not personally be the ones actually running it?
Well then I'll be sure to keep that in mind the next time I am considering paying for or signing up for a Microsoft-branded online service.
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
I LOVE slashdot, are you kidding me? This is the funniest site I've ever been too.
I can't connect to any of my Hotmail accounts using Outlook Express. Maybe this is serious enough that MS is temporarily disabling all accounts?
eTrade SUCKS
I can't say I'm surprised by the "if it's M$ it's bad" sort of propaganda, but seriously people: all software needs patching. Windows and *nix alike, if they go unpatched obviously the holes are not mitigated.
How many times has sans.org been hacked?
No patches ever needeed.
No exploits found EVER.
No one can be arsed.
My name's Steve, you inconsiderate clod.
So the idiots running the servers didn't bother to keep them up-to-date....and thus it's Microsoft's fault?
Sounds to me like another case of user stupidity. If yer not going to take care of things, either don't have them or shut up.
A distribution is a collection of pieces of software, mixed together, to form an operating system. Each piece of software is maintained separately.
That's what GNU/Linux distros are: they all start with practically the same kernel (Linux) in the bowl, put some GNU and BSD utilities, add water, mix together and serve.
BSDs on the contrary, are entire operating systems where each component is developed ad-hoc for the OS. They doesn't share a kernel and add some random utilities. Each of them maintain a PUBLIC source tree of the whole operating system. Everything is in the same place developed from a single tree.
Take a look at the CVS tree if you are curious.
Thanks to the freedom of the license, all of them share code which redounds on benefit of the users.
The best way to predict the future is to invent it
So, each *BSD is kind of a "distro" of the BSD source tree. Except they have different source trees.
True confidence comes not from realising you are as good as your peers, but that your peers are as bad as you are.
am i the only one who's not surprised to hear the news?
buffering...
wait are these free accounts? and if so how long have you had them... I know they didn't specifically disable the interface for accounts, but they made it such that new clients couldn't connect meaning for awhile I could connect on one computer but not the other... I should check to see if they reenabled that stuff.
Gravity Sucks
Never the less, if you say that FreeBSD isn't a distro how can jaseuk's comparison on FreeBSD vs. RedHat and Debian be right. It should be compared to all Linux distrobutions. That's what I have been trying to say, jaseuk started comparing FreeBSD to specific Linux distrobutions when flithm talked about BSD vs. Linux.
Good point, but that doesn't negate the original point of the GP.
Microsoft claims you can manage thousands of servers and workstations worldwide from a single desktop computer. Not only that, they claim it's cheap and easy to do so.
If all their advertising is true, why the heck aren't they doing it?
"City hall" in German is "Rathaus" Kinda explains a few things......
Heya, thanks alot!! I checked it again and it works once again... :) I remember having outlook express post an error message "Account not accessible because free e-mail accounts have had remote checking disabled" (completely paraphrased), but apparently they changed their mind... and they must never have gotten around to even temporarily disabling your account :P
Lucky me!
Gravity Sucks