The intruders were able to access the server that was running http://experts.microsoft.fr/, Microsoft confirmed Monday. The attack was claimed by Turkish hackers using the handle "TiTHacK," said Zone-H, a security Web site that keeps an archive with screenshots of defaced Web sites.
The attackers were likely able to penetrate the server running the Web site due to faulty configuration, Microsoft said in a statement Monday. "Microsoft took the appropriate action to resolve the issue and stop any additional criminal activity," it said.
The intruders apparently took advantage of a yet-to-be-patched flaw in a DotNetNuke script, Zone-H reported on Tuesday, after speaking with the attacker. DotNetNuke is an open-source content management system written in Visual Basic .Net for Microsoft's ASP.Net framework.
After breaking in, the attackers defaced the Microsoft Web site, leaving the following note: "Hi Master (: Your System 0wned By Turkish Hackers! redLine ownz y0u! Special Thanx And Gretz RudeBoy |SacRedSeer| The_Bekir And All Turkish HacKers next target: microsoft.com date: 18/06/2006 @ 19:06 WE WERE HERE...."
While so-calledstill occur often, they have become less high-profile in recent years as other, take the spotlight.
Microsoft is working with law enforcement to investigate and take appropriate action against the attackers, the company said.
The compromised Web site was offline most of Monday. Microsoft said it is working to restore the site, which is hosted at an unidentified third-party Web hosting company. The Web site runs Microsoft's Windows Server 2003 with IIS 6.0 Web server software, according to Netcraft, a U.K.-based Internet-monitoring company.
"We apologize if customers are inconvenienced by the unavailability of the affected Web site," Microsoft said. "Microsoft is committed to helping protect our customers and we're working diligently with the third-party hosting company to restore the functionality of this Web site as soon as possible."