MSN Site Hacking Went Undetected for Days

By TED BRIDIS AP Technology Writer

WASHINGTON (AP) -- Password-stealing software planted by hackers was active on Microsoft's popular MSN Web site in South Korea for days before the world's largest software company learned about the break-in and removed the computer code.

Police investigators and Microsoft specialists are continuing to search for clues to the culprits behind this week's high-profile computer break-in. More details emerged Friday about the hacking, which targeted subscribers of an online game called "Lineage" that is popular in Asia.

Microsoft Corp. said it had cleaned the Web site,

and removed the software code that had been planted on its news page. It said another company that operates the MSN Korea site apparently ailed to apply necessary software patches, leaving its server computers vulnerable.

Security researchers at San Diego-based Websense Inc. discovered the break-in late Sunday during routine scans it makes against more than

250 million Web sites each week looking for sources of viruses and other infections.

A previous inspection by Websense of the MSN Korea site the evening of May 27 did not detect the dangerous software.

-

[TELECOM Digest Editor's Note: I asked Lisa Minter to get the full story on this and she has the complete report as it appeared in the Associated Press on Friday elsewhere in this issue. PAT]