Hackers placed a malicious script on the Web site of the Miami Dolphins, hosts of Sunday's Super Bowl event, which exploited Microsoft security vulnerabilities to install malware located on a Chinese server onto visitors' computers. Sophos detected the Windows malware as Mal/Packer using the Behavioral Genotype Protection technology.
"The Web is being overrun by malicious security threats such as spyware and adware. Most of these threats are motivated by financial gain, with perpetrators trying to steal confidential information, trade secrets or make money through persistent pop-up advertising," said Graham Cluley, senior technology consultant for Sophos. "Web sites related to the Super Bowl will have been a popular destination for surfers around the world in the run-up to Sunday's game, and a prime opportunity for hackers to infect the unwary."
The Miami Dolphins' Web site has now been restored to normal operation, but it is recommended that users who visited the site in the run-up to the game scan their PCs with an up-to-date anti-virus product and ensure that they have installed the latest Microsoft security patches.
"Malware today typically doesn't announce its presence. It could lurk undetected on a surfer's computer without them realizing that it is working in the background, stealing information from them or exploiting their computer's resources," continued Cluley.
