30.03.2004 11:38:20Earlier today (March 29, 2004), one Microsoft web site ( http://register.microsoft.co.kr ) was compromised and defaced on the Microsoft Korea (microsoft.co.kr) network. The machine was defaced (and is still defaced 15.25 GMT) initially (...) by a Brazilian defacer/group know as "c0derz". The defacer obtained an unauthorized access to this system by using a misconfiguration in the Frontpage Estensions. After some minutes many other defacers crew has started to redeface the same site. "Silver Lords", "int3rc3pt0r" take part to this "tour" in the Microsoft site. The funny thing is that also Microsoft is defaced by using a very common error in the configuration of the Frontpage Extensions, we must consider the following: where is the security if also Microsoft is hacked by using a misconfiguration in their own product while they should know everything about it?
You can see the mirror of this defacement at the following url:
http://www.zone-h.org/en/defacements/view/id=1090606 /
Another Microsoft Korea web site (member.microsoft.co.kr) hosted on the same box got defaced later by the Brazilian crew r00t_System, they probably uploaded an ASP script to browse the directories on the server and deface the other site.
The mirror is here:
http://www.zone-h.org/en/defacements/mirror/id=1093705 /
You can reach the full list of past Microsoft targets at the following urls:
--------------------------------------
03/24/2002: http://cust-supp-chat.one.microsoft.com
http://www.zone-h.org/en/defacements/view/id=29504 /
--------------------------------------
03/16/2002: http://officecouncil.rte.microsoft.com
http://www.zone-h.org/en/defacements/view/id=28719 /
--------------------------------------
03/10/2002: http://olab2.research.microsoft.com
http://www.zone-h.org/en/defacements/view/id=28192 /
--------------------------------------
07/27/2001: http://www.microsoft.com.sa
http://www.zone-h.org/en/defacements/view/id=13942 /
--------------------------------------
06/21/2001: http://arulk.rte.microsoft.com
http://www.zone-h.org/en/defacements/view/id=18638 /
--------------------------------------
06/21/2001: http://redsand.rte.microsoft.com
http://www.zone-h.org/en/defacements/view/id=18640 /
--------------------------------------
05/08/2001: http://streamer.microsoft.com
http://www.zone-h.org/en/defacements/view/id=18686 /
--------------------------------------
05/04/2001: http://www.microsoft.com.sa
http://www.zone-h.org/en/defacements/view/id=18701 /
--------------------------------------
05/04/2001: http://www.microsoft.com.mx
http://www.zone-h.org/en/defacements/view/id=18700 /
--------------------------------------
04/27/2001: http://www.microsoft.com.gr
http://www.zone-h.org/en/defacements/view/id=27096 /
--------------------------------------
04/20/2001: http://www.microsoft.com.gr
http://www.zone-h.org/en/defacements/view/id=18722 /
--------------------------------------
06/03/2000: http://www.microsoft.com.br
http://www.zone-h.org/en/defacements/view/id=12061 /
--------------------------------------
01/08/2000: http://www.microsoft.com.tw
http://www.zone-h.org/en/defacements/view/id=11740 /
Source: Astalavista