AOH :: ISNQ7034.HTM

Microsoft confirms Russian pill-pusher attack on its network




Microsoft confirms Russian pill-pusher attack on its network
Microsoft confirms Russian pill-pusher attack on its network



http://www.theregister.co.uk/2010/10/14/microsoft_confirms_ip_hijack/ 

By Dan Goodin in San Francisco
The Register
14th October 2010

Microsoft has confirmed that two devices on its corporate network were 
compromised to help a notorious gang of Russian criminals push Viagra, 
Human Growth Hormone, and other knockoff pharmaceuticals.

The admission came in response to an article The Register published on 
Tuesday. It reported that two internet addresses belonging to Microsoft 
were helping to route traffic to more than 1,000 websites that belong to 
a fraudulent online pharmacy known as the Canadian Health&Care Mall. 
Microsoft on Wednesday said an investigation of that report confirmed 
the hijacking was the result of an attack on machines connected to its 
network.

"We have completed our investigation and found that two misconfigured 
network hardware devices in a testing lab were compromised due to human 
error," the five-sentence statement said. "Those devices have been 
removed and we can confirm that no customer data was compromised and no 
production systems were affected. We are taking steps to better ensure 
that testing lab hardware devices that are internet accessible are 
configured with proper security controls."

According to network security researcher Ronald F. Guilmette, the 
Microsoft IP addresses had been used to host the websites' authoritative 
name servers since at least September 22. El Reg ran the data he 
supplied by experts in DNS and botnet take-downs, and most said it 
likely indicated that one or more machines on Microsoft's network had 
been infected with malware.

[...]


___________________________________________________________      
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/ 

Site design & layout copyright © 1986-2014 CodeGods