We realised the intrusion had grown to the level that warranted bringing in the FBI

Rick Miller, Microsoft

According to Microsoft spokesman Rick Miller, the hackers' biggest scoop was to be able to view the source code - or blueprint - of a Microsoft program still under development.

But he said the product - which he did not identify - was neither corrupted nor modified, and was still years from being released.

He also said Microsoft's log files suggested that the source code had not been downloaded or transferred to another computer outside the Microsoft network.

Computer security experts, however, are casting doubts on this assessment. They say 12 days are more than enough to copy a large source code file, and point out that such files can be easily compressed into a smaller format.

And anybody viewing the source code should be able to download it without too many problems, they argue.

If the hackers had managed to access the source code of a Microsoft program already on the market, they would have been able to distribute versions of the product that looked legitimate, but contained security holes or computer viruses.

Calling the FBI

Microsoft spokesman Rick Miller said the hackers had gained access to high-level secrets on Saturday, 14 October.

At first, the software firm tried to handle the situation by itself. But on 26 October, it notified the authorities after "the intrusion had grown to the level that warranted bringing in the FBI".

He said Microsoft had first given a larger timeframe because the exact duration of the hackers' presence had been unclear and the company wanted to make sure that it did not underestimate the problem.

First suspicions

First suspicions were raised when Microsoft discovered the creation of new user accounts for no good reason. "After a day or two, we realised it was someone hacking into the system", Mr Miller said.

Microsoft has not said how and for how long exactly it did monitor the hackers' activities, but judging from these comments, the intruders clearly had a window of opportunity to roam the company's network unchecked.

On Friday, Microsoft's president and chief executive, Steve Ballmer, had insisted that "we know there has been no compromise of the integrity of the source code; that it has not been modified or tampered with in any way".

Whodunnit?

There has been a lot of speculation as to who could be behind the hack attack.

Microsoft is hated in hacker circles, and an obvious target, as its software is found on more than 90% of all computers worldwide.

Joel de la Garza, expert with Silicon Valley-based computer firm Securify, said: "Eighty percent of the security incidents I see are teenage kids out to have a good time, but the remaining 20% [are] attackers with a stated objective and a definite plan on how to accomplish it".

Blackmail possibility

If the Microsoft hackers fall into the latter category, they could have been sent by commercial competitors that wanted to have a look at what their big rival was doing.

Another possible suspect are criminal gangs who might want to hold the source code "hostage", threatening to release it unless Microsoft pays up.

During the break-in, internal passwords for Microsoft's network were reportedly sent remotely to an e-mail account in St Petersburg in Russia.

Russian hackers have broken into corporate networks in the United States before, although these e-mails could quite easily be a decoy to hide the true identity of the attackers.

Help from virus

Computer security experts say the hackers appear to have used a virus called QAZ to break into Microsoft's network.

They say QAZ first surfaced in China in July and is a "worm" virus, which makes copies of itself to spread throughout a network.

Once installed, the QAZ program allows hackers unauthorised access to the network by, for example, relaying back to them passwords and other secret information.

It is also believed that the virus entered Microsoft's system within an inconspicuous-looking e-mail and, once inside, began replicating.

This kind of virus is known as a Trojan, after the Trojan Horse of Greek mythology, which was used to end the siege of Troy.