Security researchers warned on Friday that a hacker installed malicious code on the official Web site of Dolphin Stadium designed to secretly implant keystroke-logging software on visitors’ computers. Security firm Websense Inc., which first reported the breach, said the attack involved a common type of “Trojan horse” program targeting Windows computers without the latest security patches from Microsoft Corp.

Reportedly, the hack was also on Miami Dolphins’ website. The breaches apparently occured about two weeks ago, and anybody who visited the sites without proper antivirus protection or patched Windows could be infected.

“We literally find tens of thousands of these things every day — they’re everywhere from big-name sites like this one to mom-and-pop bakery shops,” said Dan Hubbard, vice president of security research at Websense. “It’s definitely a good lesson in staying up to date on the patches.”

“It’s low-hanging-fruit malware,” said David Marcus, security research and communications manager with McAfee Inc., quoted by AP. “If you have any up-to-date anti-malware software on your machine, it’s going to mitigate it.”

“If you go to the [Dolphins'] Super Bowl Web site with a Web browser that’s not running the latest and greatest patches from Microsoft, you could get exploited,” said Dan Hubbard. “Assuming you’re not patched, a Trojan downloader with a backdoor and a password stealer gets installed on your computer without you knowing it.”

The file downloaded in the attack is a keystroke logger and a remote control tool, also called a backdoor, Websense said. Attackers get full access to the compromised PC. Read more.

OSA Editorial Comments:

This goes back to my main issue, that if the NFL can’t stop them then how cam we even stand a chance! If we don’t start making the Cyber Criminals pay with real punishment or real jail time, and until we start to say: “enough is enough” or scream out from the rooftops that “Were not going to Take IT Anymore!!” 

We as an Internet family have to band together and force politicians, the Federal Government, and International leaders to make changes in how we treat Cyber Criminals.

Your Online Security Authority
Bill Wardell

Popularity: 6% [?]

If you're a concerned parent, you may want to subscribe to the: OSA~RSS Thanks for visiting! and make sure to sign our OSA Guestbook...

If you enjoyed this post, make sure you subscribe to my RSS feed!