Malware Compromises Arsenal Fan Site

Arsenal fans meet with a variety of malware on Onlinegooner.com affecting computers with vulnerable Windows.

According to news reports from The Register published on February 29, 2008, a fan site for the people of Arsenal had been hijacked to host-sophisticated malware.

The reports suggest that the malware illegally planted onto Onlinegooner.com, redirected visitors to some Russian and Asian Websites that resulted in a variety of malicious download onto computers with vulnerable Windows. The downloaded malicious code is a potential combination of keylogging, rootkit, Address Resolution Protocol (ARP) poisoning, backdoor, and Domain Name System (DNS) spoofing capabilities.

According to an assessment by ScanSafe, an Internet filtering company, the installation of the malicious code took place around February 18, 2008 preceding a Champions League football match in which AC Milan and the English football team ended the match without scoring a goal.

Hackers taking advantage of the accident meeting, Eduardo da Silva, the Brazilian born Croatian football star, in the Premiership match with Birmingham City on February 23, 2008 drove Internet traffic towards the widely visited site that has been supplying exclusive news to fans of Arsenal for about ten years.

However, it isn't still clear, if Onlinegooner.com has removed the malware from it or not. Meanwhile, the Register has sent e-mail to the Webmaster of the site with promises to update the story once a reply comes in.

Attacks against sports fans do not generally occur but they are not unprecedented. Trend Micro cites one attack in which fans of Jets Gridiron, in New York, were attacked in January 2008. The introduction of malware usually from tainted ads by third parties onto authentic Websites has turned into grave problem over the last few months. Another instance of malware loaded ads showed up on Radio Times and ITV.com in early February 2008.

More incidents, where fans' Websites were either invaded into or their PCs were compromised occurred in February 2007, when the Website of the Dolphin Stadium hosting Super Bowl XLI in Miami suffered a hacking assault.

Security researchers say that Webmasters responsible for sports-related sites need to realize that they too are targets for cyber criminals. According to them, these sites need to adopt security measures such as identifying and blocking potential routes for malware injection.

Related article: Malware Authors Turn More Insidious

» SPAMfighter News - 3/15/2008