Slashdot Mirror

← Back to Stories (view on slashdot.org)

Korean MSN Site Hacked

Posted by ryuzaki0 on Thursday June 2, 2005 @04:13PM from the open-for-rooting dept.

An anonymous reader writes "CNN is reporting that MSN's Korean website was hacked in order to allow usernames and passwords to be stolen. Microsoft is initially blaming unpatched, outsourced servers. Just another embarrassment to Microsoft's security push."

1 of 305 comments (clear)

Min score:

Reason:

Sort:

Re:Mirror? by numatrix · 2005-06-02 17:01 · Score: 4, Informative

It wasn't an overt defacement; very small iframe at the bottom of the main page that pointed to a seperate file on the same server. That file contained an tag with a src url of some other file in the same directory ending in .gif.

Of course that file wasn't actually a .gif obviously, but was a collection of IE client-side exploits to try to load a particular bit of malware.

A quick google for that malware shows the other chinese sites that I found (hey, I think that's officially the first time I've made cnn). One was discussing it, the other appeared to be (intentionally or otherwise) loading it.