PracticePeople In PracticeHackers saw Microsoft source code

Hackers saw Microsoft source code

Microsoft has admitted that programming code for some of its products under development was seen by hackers who gained access to its corporate network.

The FBI last week began an investigation into the computer break-in at the software company, which Microsoft said gave intruders access to its corporate network for 12 days. However, it said it was aware of the incident for much of this time.

Microsoft initially said ‘the integrity of our source code remains intact,’ but late on Friday admitted that the hacker ‘was able to view some source code under development.’ However, Microsoft said source code for its existing Windows and Office software was not seen.

The break-in, as well as damaging Microsoft’s reputation, raised fears that the hacker could have modified products, making them damaging to end users. Microsoft claims ‘no modifications or corruptions’ were made and ‘no source code was downloaded.’

Speaking to the Associated Press newswire on Sunday, Microsoft spokesman Rick Miller said: ‘We start[ed] seeing these new accounts being created, but that could be an anomaly of the system. After a day or two, we realized it was someone hacking into the system.’

According to the Wall Street Journal, the break-in was discovered on Wednesday after Microsoft security staff detected passwords being remotely sent to an email account in St Petersburg, Russia.

A Microsoft spokeswoman said of the hackers, who could have had undetected access since July: ‘This has been a deplorable act of industrial espionage and we are working with law enforcement agencies to protect our intellectual properties.’

Access to the network was gained by emailing a program, called the QAZ Trojan, into Microsoft’s network that created a ‘back door’ for the intruders, according to the paper’s sources.

These internal passwords may have been used to transfer source code outside of the Microsoft campus. By yesterday, the software giant had begun to check every file on the compromised areas of its network that had been modified for any reason in the past three months.

Microsoft said: ‘We are implementing an aggressive plan to protect our corporate network from unauthorised attempts to gain access, and are working on both immediate and long-term solutions.’

This article first appeared on vnunet.com

Related Articles

Is inefficiency stealing your time and money?

Accounting Firms Is inefficiency stealing your time and money?

6m Emma Smith, Managing Editor
CIMA elects new president

Institutes CIMA elects new president

6m Emma Smith, Managing Editor
Transparent currency trade: How to achieve costs visibility

Governance Transparent currency trade: How to achieve costs visibility

6m Emma Smith, Managing Editor
Introduction to KPMG UK’s new leadership team

Accounting Firms Introduction to KPMG UK’s new leadership team

6m Emma Smith, Managing Editor
EY appoints head of UK Infrastructure Asset Intelligence practice

Accounting Firms EY appoints head of UK Infrastructure Asset Intelligence practice

8m Emma Smith, Managing Editor
FRP Advisory expands operation with new office, partner appointments

Accounting Firms FRP Advisory expands operation with new office, partner appointments

10m Emma Smith, Managing Editor
Magma Group announces merger, partner promotions

Accounting Firms Magma Group announces merger, partner promotions

10m Emma Smith, Managing Editor
MHA MacIntyre Hudson advises on management buy-out

Accounting Firms MHA MacIntyre Hudson advises on management buy-out

10m Emma Smith, Managing Editor