Updated: Dolphin Stadium may be the
site of this Sunday's Super Bowl XLI between the Bears and the Colts,
but its Web site should be avoided like the plague.
Bears, Colts and Super Bowl football fans everywhere beware.
Users browsing the Internet, perhaps innocently looking up a seating
chart at Dolphin Stadium in Miami, could be in a lot more trouble than
they would have ever expected.
Malicious code was discovered on the Web site for Dolphin Stadium, the location of this years Super Bowl, reports Websense.
Websense Security Labs urged Web users to avoid that site
completely until the site had been scrubbed cleaned of all destructive
The code, hidden under the file name "w1c.exe," initiates both
Trojan horse and keylogging capabilities, potentially allowing a hacker
to track and record keyboard strokes in order to steal credit card,
Social Security or other user information.
the front page of the Dolphin Stadium site. Once visitors entered, it
was designed to execute a script that attempts to exploit two known
Both of these exploits attempt to download and execute a malicious file.
Given the popularity of the Super Bowl, the stadium
site is linked from many official Super Bowl Web sites and related
search terms, which only intensified the Trojan horses chances of
affecting a large number of people.
Websense notified the owners of the site. Go here
to view the Websense notification and original images of the problem areas.
By late afternoon on Feb. 2, Websense officials reported that
the Dolphin Stadium site had been cleansed of the malware and that
company researchers were continuing to study it.
For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.
Websense researchers have discovered there are other sites with
similar exploit code, according to Dan Hubbard, vice president of
security research for Websense.
Company officials declined to identify these other sites,
saying they knew of only about six more, none of which were "high
All of them were temporarily shut down to be cleansed of the malware,
according to Hubbard.
However, Hubbard indicated that there is no evidence that this
incident represents the start of a widespread epidemic of this
particular Trojan horse.
Officials for the NFL could not be reached for comment at the time of posting this story.
Editors Note: This story was updated to report the removal of the malicious code from the Dolphin Stadium Web site.
Check out eWEEK.coms
Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.