Alerts
BOOKMARK THIS ALERT
digg
|
del.icio.us
|
reddit
newsvine
|
furl
|
technorati
Super Bowl XLI / Dolphin Stadium
Date:02.02.2007
Threat Type: Malicious Website
Websense® Security Labs™ has discovered that the official website of Dolphin Stadium has been compromised with malicious code. The Dolphin Stadium is currently experiencing a large number of visitors, as it is the home of Sunday's Super Bowl XLI. The site is linked from numerous official Super Bowl websites and various Super Bowl-related search terms return links to the site.
A link to a malicious javascript file has been inserted into the header of the front page of the site. Visitors to the site execute the script, which attempts to exploit two vulnerabilities: MS06-014 and MS07-004. Both of these exploits attempt to download and execute a malicious file.
The file that is downloaded is a NsPack-packed Trojan keylogger/backdoor, providing the attacker with full access to the compromised computer. The filename is w1c.exe and its MD5 is ad3da9674080a9edbf9e084c10e80516
We have notified the owner's of the site, but the site is currently still malicious.
Please do not visit the site until it has been cleaned.
- http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx
- http://www.microsoft.com/technet/security/Bulletin/MS07-004.mspx
Site screenshot:
Site source screenshot:
