IT security and control firm Sophos is warning football fans to
be careful when buying tickets for the forthcoming Euro 2008
championships online following the discovery of malicious code on
the website of a large European ticket re-sale company. The site in
question has a high search engine ranking and a presence among
sponsored links, indicating that the hackers may have a huge pool
of potential victims.
According to SophosLabs™,
visitors attempting to purchase tickets through the site will be
exposed to the malicious script which is embedded in some of the
webpages. This malware then attempts to download further attacks
from another remote website. Sophos experts advise computer users
to be on their guard and ensure their IT security solutions and
fully up to date.
Sophos experts have discovered a website
selling tickets for the Euro 2008 Championships has been the target
of malicious hackers.
"This is not the first time that hackers have attempted to
capitalize on sporting events, and unfortunately in the run up to
the competition this summer, we're likely to see more sites like
this being hacked, as well as other scams preying on football fans'
fervour," said Graham
Cluley, senior technology consultant at Sophos. "Fans keen to
get tickets to a game need to make sure they don't get carried away
in the excitement and score an own goal before kick off. It's
essential that all computer users ensure their security settings
are up to date and able to defend against these threats."
Sophos products have been proactively protecting against the
malware, known as Mal/ObfJS-R,
since 31 October 2007, but customers of other vendors' products may
need to update their protection.
Sophos noted in its 2008
Security Threat Report that a huge number of legitimate
webpages are now being compromised by cybercriminals as they
attempt to infect more computers. Sophos currently discovers a new
infected webpage every 14 seconds, 83 percent of which are hosted
on legitimate sites that most surfers wouldn't think twice about
Hackers often use big events to exploit computer users and
spread their attacks. In 2007, the website of the Miami Dolphins,
host of last year's Superbowl, was compromised
in the days leading up to the event in order to infect fans logging
on to the site.
Sophos recommends all computer users protect themselves with a
consolidated solution which can control network access
and defend against the threats of spam, hackers, spyware and