Super Bowl blitz begins: Bogus game sites with malware popping up

Security researchers have warned that malware-laced bogus Super Bowl websites have begun appearing, the first wave of what is expected to be a major campaign of game-related cyberattacks.


TrendLabs reported on its blog that it has detected two malware-infected sites with similar sounding URLs to the official Super Bowl XLII game site.

According to TrendLabs, the two malware sites – including the words “www-superbowl.html" and “www-superbowlcom.html” in their URLs – were found in the servers of a Czech hosting provider believed to have been hacked. TrendLabs said in its blog posting that it contacted the Czech CERT and the Czech hosting provider after detecting the malicious code.

The two malware sites are turning up in search results when users google "Superbowl," TrendLabs said. 

Dan Hubbard, vice president of security research at Websense, told SCMagazineUS.com last week that the most likely form of attack to materialise in the run-up to the Feb. 3 clash between the New England Patriots and New York Giants will be botnet-generated phishing emails delivered in messages with Super Bowl-related subjects.

Hubbard also said that a number of domains with Super Bowl-related URLs have been registered, but the destination sites for these URLs have yet to materialise – raising the possibility that a number of malware-infused sites will pop up in the next few days hoping to snare fans googling myriad Super Bowl sites.

While Super Bowl-related phishing emails and bogus game sites containing malware may be inevitable, perhaps the ripest potential targets are the largest legitimate Super Bowl-related websites – like the official game site (www.superbowl.com) and the Patriots' website, which now are notching millions of visits per day.

Last year, the website for Dolphins Stadium, which hosted Super Bowl XLI, was victimised when a JavaScript-enabled trojan was inserted in the homepage for the site. Websense Security Labs was in the forefront of the discovery of last year's hack attack, which enabled hackers to steal information from visitors for several hours before detection.

Hubbard also told SCMagazineUS.com that the increased sophistication and interactive functionality of the major Super Bowl websites also may have increased the vulnerability of these sites.

“These official sites are constantly adding bells and whistles, including functions that encourage users to contribute content. These features are going up so quickly, essentially they are in beta and released at the same time,” he said, adding that Super Bowl site managers must be constantly vigilant in scanning their sites for vulnerabilities, keeping pace with would-be hackers who no doubt are doing the same thing.

See original article on scmagazineus.com