Super Bowl Stadium Site Hacked, Packed Trojan - InformationWeek
IoT
IoT
News
News
2/2/2007
06:27 PM
50%
50%
RELATED EVENTS
7 Key Cloud Security Trends Shaping 2017 & Beyond
Dec 15, 2016
Cloud computing is enabling business transformation as organizations accelerate time to market and ...Read More>>

Super Bowl Stadium Site Hacked, Packed Trojan

Officials think the site's server was hacked sometime between Jan. 26 and Jan. 28.

The Web site of Miami's Dolphin Stadium, which plays host to Super Bowl XLI on Sunday, has been trying to hijack unpatched Windows PCs for about a week, a security company said Friday.

The site was hacked between Jan. 26 and 28, Websense reported, and until approximately 11 a.m. PST Friday was actively serving up a backdoor Trojan horse and password stealer.

"The 25th was the last date that we saw [the site] clean," says Dan Hubbard, Websense's head of research. "Sometime between the 26th and the 28th was when we think the site's server was hacked."

The attacker planted a link to a malicious JavaScript file in the header of the front page of the site; that script executed when the official Dolphin Stadium site was rendered. Hubbard said that the script exploited two Windows vulnerabilities, one patched in April, the second last month.

By Friday morning, the malicious site hosting the JavaScript file has been taken down, although Hubbard said the link remained in the stadium's site header. He recommended that users stay away from the URL. "It's possible [the attackers] still have access to the server," he says.

Sunday, the Indianapolis Colts face the Chicago Bears in the National Football League's biggest game of the year. The Colts are favored by a touchdown.

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll