Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Online gamers targeted in Korean MSN hack attack

Online gamers targeted in Korean MSN hack attack

by Nikola Strahija on June 7th, 2005 More details have emerged about a hacking attack that left MSN's South Korean portal booby trapped with password-pinching malware


The attack targeted subscribers to Lineage, an online game with 4m users, largely in Asia. It's unclear how many users were infected by the assault. Police and Microsoft specialists have yet begun an investigation.

The site - news.msn.co.kr - is back online following a clean-up operation that removed malware planted on the news pages of the portal. Microsoft is blaming the firm that run the site for failing to apply security patches that would have made the attack mpossible. The security breach came to light during a routine security scan by net security firm Websense on Sunday May 29. Microsoft patched the flaw after the Bank Holiday weekend leaving a minimum three day window of exposure.

Websense reports that the malicious code attempted to exploit multiple JavaScript, IE, and other Microsoft vulnerabilities to download a Trojan (called Lineage.dll) onto the PCs of surfers with vulnerable computers visiting the site. "The attempts were launched through an invisible, embedded iframe on the front page of MSN NEWS Korea. Merely visiting the site with a vulnerable browser was enough to become infected, which occurred without the user's knowledge," it added.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »