Article

Super Bowl stadium Web site hacked, delivered malware

Eric B. Parizo, Executive Editor
A security firm reported Friday that digital miscreants successfully compromised the Web site of Miami's Dolphin Stadium, home of Sunday's Super Bowl XLI, potentially endangering the site's visitors.

The incident, discovered by San Diego-based Websense Inc.'s Security Labs unit, involved a link to a malicious Javascript keylogger file that had been inserted into the header of the front page of the site, with the intent of propagating malicious code on visitors' computers.

"Visitors to the site execute the script, which attempts to exploit two vulnerabilities: MS06-014 and MS07-004," according to a bulletin from Websense. "Both of these exploits attempt to download and execute a malicious file.

"The file that is downloaded is a NsPack-packed Trojan keylogger/backdoor, providing the attacker with full access to the compromised computer. The filename is w1c.exe and its MD5 is ad3da9674080a9edbf9e084c10e80516."

According to published reports, Dolphin Stadium representatives have confirmed that the site was compromised, but said the issue had been addressed and that the Web site no longer poses a threat. However, Websense said, the initial breach may have occurred more than a week ago.

The Web site is currently experiencing higher-than-normal traffic because of Sunday's event.

    Requires Free Membership to View


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: