Hackers saw Microsoft source code

The FBI last week began an investigation into the computer break-in at the software company, which Microsoft said gave intruders access to its corporate network for 12 days. However, it said it was aware of the incident for much of this time.

Microsoft initially said ‘the integrity of our source code remains intact,’ but late on Friday admitted that the hacker ‘was able to view some source code under development.’ However, Microsoft said source code for its existing Windows and Office software was not seen.

The break-in, as well as damaging Microsoft’s reputation, raised fears that the hacker could have modified products, making them damaging to end users. Microsoft claims ‘no modifications or corruptions’ were made and ‘no source code was downloaded.’

Speaking to the Associated Press newswire on Sunday, Microsoft spokesman Rick Miller said: ‘We start[ed] seeing these new accounts being created, but that could be an anomaly of the system. After a day or two, we realized it was someone hacking into the system.’

According to the Wall Street Journal, the break-in was discovered on Wednesday after Microsoft security staff detected passwords being remotely sent to an email account in St Petersburg, Russia.

A Microsoft spokeswoman said of the hackers, who could have had undetected access since July: ‘This has been a deplorable act of industrial espionage and we are working with law enforcement agencies to protect our intellectual properties.’

Access to the network was gained by emailing a program, called the QAZ Trojan, into Microsoft’s network that created a ‘back door’ for the intruders, according to the paper’s sources.

These internal passwords may have been used to transfer source code outside of the Microsoft campus. By yesterday, the software giant had begun to check every file on the compromised areas of its network that had been modified for any reason in the past three months.

Microsoft said: ‘We are implementing an aggressive plan to protect our corporate network from unauthorised attempts to gain access, and are working on both immediate and long-term solutions.’

This article first appeared on

Related reading