
Super Bowl Stadium Site Hacked, Packed Trojan

Slimy   on 03 February 2007 - 08:36 · 11 comments & 6755 views

The Web site of Miami's Dolphin Stadium, which plays host to Super Bowl XLI on Sunday, was hacked between January 26 and 28, security company Websense reported, and until approximately 11 a.m. PST Friday was actively distributing a backdoor Trojan horse and password stealer. The attacker planted, in the header of the site's front page, a link to a malicious JavaScript file that exploited two patched Windows vulnerabilities. By Friday morning, the malicious site hosting the JavaScript file had been taken down, but the link remained in the stadium's site header. Users are recommended to stay away from the URL.

"The 25th was the last date that we saw [the site] clean. Sometime between the 26th and the 28th was when we think the site's server was hacked. It's possible [the attackers] still have access to the server," says Dan Hubbard, Websense's head of research.

News source: InformationWeek
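
A defender-side check for this kind of header tampering, added here as an example and not part of the original article: list the external scripts a page loads, then flag any that come from an unexpected host or that are missing from a known-clean snapshot. The page URL, the host names and the tampered markup are constructed placeholders; the three script paths are the ones quoted in the comments below.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse


class ScriptSrcCollector(HTMLParser):
    """Collect the src of every <script> tag, in document order."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if tag == "script" and src:
            self.sources.append(src.strip())


def script_urls(html, page_url):
    """Absolute URLs of all external scripts referenced by the page."""
    collector = ScriptSrcCollector()
    collector.feed(html)
    # urljoin resolves relative paths and protocol-relative //host/x.js forms
    return [urljoin(page_url, s) for s in collector.sources]


def audit(html, page_url, allowed_hosts, baseline_html):
    """Flag scripts from unexpected hosts or absent from the clean baseline."""
    known = set(script_urls(baseline_html, page_url))
    report = {"off_host": [], "new": []}
    for url in script_urls(html, page_url):
        host = (urlparse(url).hostname or "").lower()
        if host not in allowed_hosts:
            report["off_host"].append(url)
        if url not in known:
            report["new"].append(url)
    return report


PAGE_URL = "http://stadium.example/"  # placeholder; the article gives no URL
# Constructed sample: a known-clean header snapshot
CLEAN = """<HTML><HEAD>
<script defer type="text/javascript" src="/ssi/pngfix_map.js"></script>
<script src="/ssi/dhtml.js" language="javascript"></script>
<script src="/flash/AC_RunActiveContent.js" language="javascript"></script>
<title>Dolphin Stadium</title></HEAD></HTML>"""
# Constructed tampered copy: one extra script tag pointing at a third-party host
TAMPERED = CLEAN.replace(
    "<title>", '<script src="//injected.invalid/x.js"></script>\n<title>')

if __name__ == "__main__":
    print(audit(TAMPERED, PAGE_URL, {"stadium.example"}, CLEAN))
```

Run on a schedule against the live front page, a non-empty report is the signal to pull the page and review server access.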

Comments
#1 ThaCrip on 03 Feb 2007 - 10:48
It looks like you won't be infected by this if you're using a fully patched version of Windows XP... although I wonder if this is an IE issue... or just anything that's related to JavaScript?
(1 reply) #2 The Teej on 03 Feb 2007 - 10:57
Haha, owned on the grandest stage of them all. Nice.
#2.1 equitas on 04 Feb 2007 - 12:31
Quote - (The Teej said @ #2)
Haha, owned on the grandest stage of them all. Nice.


Maybe yes, maybe no. It's 7:05 here in Miami - - it's cloudy, windy and RAININ'.

I admit that although I have lived here in Miami for a few years, I have never been to the stadium (drove by it once or twice on the Turnpike) nor have I ever been to the Pro Player/Joe Robbie Stadium website. But more importantly, and topical, what was the purpose of the hack? I mean, the Super Bowl tickets were sold months ago. The website, with all its bells, whistles and Flash animation, seems merely to provide information and does not permit customers to purchase tickets (Ticketmaster does this). So what was the point - - other than showing yet another South Florida business, ONCE AGAIN, that their computer security sucks? I mean, what would an attacker gain from such an attack?

Regardless, it would appear that the script has been removed because I looked at the header (Note: I am not an IT guy or software developer type so I could be wrong) but here's the code:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<HTML>
<HEAD>
<script defer type="text/javascript" src="/ssi/pngfix_map.js"></script>
<script src="/ssi/dhtml.js" language="javascript"></script>
<!-- this script needed for Flash -->
<script language="javascript">AC_FL_RunContent = 0;</script>
<script src="/flash/AC_RunActiveContent.js" language="javascript"></script>
<!-- end - this script needed for Flash -->
<title>Dolphin Stadium</title>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="main.css" rel="stylesheet" type="text/css">
<script type="text/JavaScript">

I also attach a link to a screenshot from Websense showing the code with the script in it. I thought it was interesting that they were using Firefox.
#3 Croquant on 03 Feb 2007 - 12:12
I don't know the specifics of this, but it seems to me that the Miami Dolphins dropped the ball (pardon the pun) here. Assuming that this wasn't some completely new form of hacking, then I have to assume it was poor implementation or poor design of their web security infrastructure.
#4 naap51stang on 03 Feb 2007 - 16:18
Good thing I couldn't care less about the Super Bowl, not that my computer isn't patched, but I wonder how many mom and pop computers, who usually don't update anything, have been pwn'd?

(3 replies) #5 Krankerz on 03 Feb 2007 - 17:16
Quote -
Users are recommended to stay away from the URL.


Don't worry Windows users. I'll visit the site on my Mac and let you know what I see!
#5.1 w1r3d on 03 Feb 2007 - 20:39
Quote - (Krankerz said @ #5)
Quote -
Users are recommended to stay away from the URL.


Don't worry Windows users. I'll visit the site on my Mac and let you know what I see!


Quote -
that exploited two patched Windows vulnerabilities

Don't worry, we (Windows users) can also go to the site with impunity, but thanks anyways...
#5.2 Croquant on 04 Feb 2007 - 03:10
Quote - (Krankerz said @ #1)
Quote -
Users are recommended to stay away from the URL.


Don't worry Windows users. I'll visit the site on my Mac and let you know what I see!

And how do you know the Trojan doesn't affect Macs as well, you smartass? I hate smug Mac users.
#5.3 Lare2 on 04 Feb 2007 - 19:30
Quote - (Krankerz said @ #5)
Quote -
Users are recommended to stay away from the URL.


Don't worry Windows users. I'll visit the site on my Mac and let you know what I see!


Yes, please go while we all play some games on our machines, you let us know ok ......
#6 Syphonic on 03 Feb 2007 - 17:54
Very cunning. I expect a lot of vulnerable computers visited that site, given its intended audience.
#7 joker999 on 04 Feb 2007 - 22:19
What about "NoScript"? (Firefox add-on)
