Microsoft reported Friday that system crackers have penetrated its corporate network. The company learned of the break-in after detecting that passwords were being sent from their network to an email box in Russia. It is believed the attackers gained entrance to the network using the QAZ worm attached to an inconspicuous document.
According to Symantec's AntiVirus Research Center, the QAZ worm was first discovered in China on July 16th of this year. The worm can spread itself to other computers on the internal network, but does not attempt to transmit itself offsite. QAZ contains a backdoor that can allow remote attackers to gain control of the local machine over port 7597.
A source close to the matter told CNNfn that the attackers may have had access for as long as sixty days. Microsoft contacted the Federal Bureau of Investigation (FBI) to assist on the matter. Company president and CEO Steve Ballmer, currently at a conference near Stockholm, told reporters by phone Friday that the attackers had viewed, but not changed, some of the company's source code.
For further news on the break-in, be sure to read Paul Thurrott's coverage of the event on our WinInfo Web site!
