That's Entertainment: Malicious Website: Super Bowl XLI / Dolphin Stadium - UPDATE
Via the fine folks at Websense.
Websense® Security Labs™ has discovered that the official website of Dolphin Stadium has been compromised with malicious code. The Dolphin Stadium is currently experiencing a large number of visitors, as it is the home of Sunday's Super Bowl XLI. The site is linked from numerous official Super Bowl websites and various Super Bowl-related search terms return links to the site.More here.
A link to a malicious javascript file has been inserted into the header of the front page of the site. Visitors to the site execute the script, which attempts to exploit two vulnerabilities: MS06-014 and MS07-004. Both of these exploits attempt to download and execute a malicious file.
Also, the domain which the malicious javascript redirects to for it's exploit is registered in China
UPDATE: 11:25 PST: The website has now removed the malicious javascript code and is clean!
Update: 20:00 PST: The IP addresses were not fast-flux, as it first appeared. It has now pretty much been mitigated.
0 Comments:
Post a Comment
<< Home