Hacker Attacks Dolphin’s Web Sites before Super Bowl Game
A hacker planted malicious code on the legitimate Web site of Dolphin Stadium just days before the start of the Super Bowl. The hacker's intention was to install keystroke-logging software on visitors' PCs, security researchers said on February 2, 2007.
On January 26, 2007, Websense's automated tools discovered the security breach of the stadium site. However, the company's engineers became alarmed only when Websense customers complained that the site was not visible on February 2, 2007.
According to a Websense bulletin, a script on the site runs when visitors load it and tries to exploit two flaws, namely MS06-014 and MS07-004. Both exploits download and run a malicious file.
Within hours of the discovery of the attack, the site owners repaired the problem and returned the site to normal use, a stadium spokesman said. Outside security experts confirmed the restoration of the site.
The security experts said the kind of malicious software the hacker used was easy to isolate and protect against. They were also still not sure how many computers might have been hit.
The Dolphin Stadium Web site is getting a large number of visitors these days, as the stadium will host the Super Bowl XLI game on February 4, 2007. A number of official Super Bowl sites link to the site, as do search results for various Super Bowl-related terms.
The attack has affected the www.dolphinstadium.com and www.miamidolphins.com sites, and also mirror copies of those sites such as www.proplayerstadium.com. Security experts strongly advise Web surfers against visiting these sites until the compromise is resolved.
According to Websense Inc., the attack used a common Trojan horse that targets Windows PCs not secured with Microsoft patches.
The Web sites that incorporated the malicious code are hosted in China and were operating intermittently on the morning of February 2, 2007, said Roger Thompson, chief technology officer for Exploit Prevention Labs, on the same day.
The stadium spokesman reported that the FBI was investigating the attack, especially because the Super Bowl event will draw 75,000 attendees and international attention.
» SPAMfighter News - 07-02-2007