Microsoft MSMVPs blog site taken over by malware

Susan Bradley is blogging about a break-in on the server that runs numerous blogs for Microsoft MVPs (Most Valuable Professionals).

She describes spotting a service that turned out to be the W32/Rbot-GOS work with IRC backdoor functionality.

Currently she doesn’t know how it happened, but promises to let us know; it’s also being investigated by Microsoft support.

Kudos to Bradley for being open about this. It’s embarrassing for someone with deep expertise who blogs about security; on the other hand it demonstrates what a tough problem this is. I’ll be watching with interest for the further analysis.