Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have reminded companies of the importance of scanning web traffic for malware following the discovery that the Super Bowl stadium website was hacked by criminals in an attempt to install malicious code.
Hackers placed a malicious script on the website of the Miami Dolphins, hosts of Sunday's Super Bowl event, which exploited Microsoft security vulnerabilities to install malware located on a Chinese server onto visitors' computers. Sophos proactively defended customers by detecting the Windows malware as Mal/Packer using the Behavioral Genotype® Protection technology built into Sophos products.
The Miami Dolphins website was hacked, in an attempt to install malicious code on visitors' Windows PCs.
The Microsoft security vulnerabilties exploited by the hackers are described in Microsoft security bulletins MS06-014 and MS07-004.
"The web is being overrun by malicious security threats such as spyware and adware. Most of these threats are motivated by financial gain, with perpetrators trying to steal confidential information, trade secrets or make money through persistent pop-up advertising," said Graham Cluley, senior technology consultant for Sophos. "Websites related to the Super Bowl will have been a popular destination for surfers around the world in the run-up to Sunday's game, and a prime opportunity for hackers to infect the unwary. System administrators need to put measures in place to better defend their workers' PCs and their networks from attack."
The Miami Dolphins' website has now been restored to normal operation, but Sophos recommends that users who visited the site in the run-up to the game scan their PCs with an up-to-date anti-virus product and ensure that they have installed the latest Microsoft security patches.
"Malware today typically doesn't announce its presence. It could lurk undetected on a surfer's computer without them realising that it is working in the background, stealing information from them or exploiting their computer's resources," continued Cluley. "Workers who are given free rein to visit whichever websites they choose from their office desk are risking bringing malware into their organization."
Sophos's recently announced WS1000 Web Security Appliance blocks spyware, viruses, malware and unwanted applications at the gateway and enables comprehensive web access control for safe, productive web browsing.
In January, Sophos published its Security Threat Report 2007, which revealed the increasing use of the web as a vector for malicious attacks by hackers. The report can be downloaded from the Sophos website:
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.