Feeds

MS hacked by Dimitri again. Perhaps

Corporate sloppiness or hacker self-aggrandisement?

  • alert
  • submit to reddit

The essential guide to IT transformation

The hacker that gained access to several Microsoft servers through a known security hole on Friday claims he did it again yesterday (Tuesday). Dimitri says he uploaded a file called oopsididitagain which mocked MS' security policy.

The file title refers to the hit single by Britney Spears, and Dimitri also gave an indication of his nationality by saying he enjoyed the pop star's concert in the Netherlands on Saturday, held at a football stadium in Arnhem. According to Dimitri, Microsoft found the file the same day, removed it and then finally patched the hole - something it should have done with ease back on Friday.

The implication is that Microsoft either lied about applying patches to the servers or was unable to do it within three days. If this is the case then it raises serious questions about a centralised control system for computer networks - something that Microsoft mocks others for not being able to do but it would appear can't do itself.

We had a chat with Microsoft Europe, which said it was unable to confirm or deny the hack and we'd have to wait for the States to wake up to get a final confirmation. However, it did reiterate the line about the relevant server(s) being in "semi-retirement". This explanation, incidentally, has become far more solid since it was first mooted on Friday. Originally the server was of little importance, now it is virtually dustbin material.

Anyway, we remain very skeptical of Dimitri's claims. It all sounds a little too perfect for us. It is just as likely that Dimitri got a taste for publicity and wanted more than it is he hacked Microsoft again. Think about it - how else to make the media interested than pull in a favourite publicity figure - Britney Spears? She plays a concert the weekend after his first hack, so he gives details - oh, he lives in Holland - and then the piece de resistance, an uploaded file called Oops I did It Again. It reeks of fish.

Fortunately, Microsoft has patched it up now so there's no way it can ever be proved. Put on the spot, we say: publicity hungry, never happened. But then we await Microsoft's comment. ®

Related Stories

Microsoft hacked again
How you hack into Microsoft: a step by step guide

Gartner critical capabilities for enterprise endpoint backup

More from The Register

next story
6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)
Clampdown on clickbait ... and El Reg is OK with this
Mozilla's 'Tiles' ads debut in new Firefox nightlies
You can try turning them off and on again
No, thank you. I will not code for the Caliphate
Some assignments, even the Bongster decline must
Barnes & Noble: Swallow a Samsung Nook tablet, please ... pretty please
Novelslab finally on sale with ($199 - $20) price tag
Banking apps: Handy, can grab all your money... and RIDDLED with coding flaws
Yep, that one place you'd hoped you wouldn't find 'em
TROLL SLAYER Google grabs $1.3 MEEELLION in patent counter-suit
Chocolate Factory hits back at firm for suing customers
Primetime precrime? Minority Report TV series 'being developed'
I have to know. I have to find out what happened to my life
Netflix swallows yet another bitter pill, inks peering deal with TWC
Net neutrality crusader once again pays up for priority access
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.