Super Bowl Fans May Get Nasty Surprise

Cybercrooks broke in to the Dolphin Stadium Web site and rigged it to load malicious software onto unpatched Windows PCs. Fans who visited the site between January 25 and February 2 may be infected with scumware. “Assuming you’re not patched, a Trojan downloader with a backdoor and a password stealer gets installed on your computer without you knowing it,” said Dan Hubbard, vice president of security research at San Diego, Calif.-based Websense.

The attack exploits two known security holes in Windows. Visitors to the site who hadn’t yet applied the latest Microsoft fixes would be vulnerable to the attack. The file downloaded in the attack is a keystroke logger and a remote control tool, also called a backdoor. Once the backdoor is installed, attackers get full access to the compromised PC, enabling it to be used as a zombie in a botnet.

I have posted previously about Botnets, so won’t go into further detail about them here. You can read More on Botnets — The Most Rapidly Evolving Computer Threat, or Botnets–One of the Most Serious Computer Threats on the Internet.

If you visited the Dolphin Stadium Web site with a Windows PC that lacked the most recent patches, you should immediately run a security scan to clean your PC.


To return to the main page of the blog, click here. To return to the blog Index, click here.

WordPress Themes