Daily cyber threats and internet security news: network security, online safety and latest security alerts
March 27th, 2008

Football Might Get You Infected

Recently SophosLabs identified a malicious script on the website of a European ticket re-sale company, currently building up to selling tickets for the forthcoming Euro 2008 championships. The site in question ( has a high search engine ranking and a presence among sponsored links, indicating that the hackers may have a huge pool of potential victims.

The site has been compromised in an attempt to create a classic drive-by download attack. Attempting to purchase tickets through the site will expose the user to a malicious script embedded in the pages (detected by Sophos as Mal/ObfJS-R). The script is intended to load further malicious content from a remote site. However, initial analysis suggests the script is somewhat buggy, maybe it broke during obfuscation.

Users may not become infected when browsing the site, in some browsers at least. The site is likely to attract high numbers of visitors as the championships get closer, but contact via email and telephone has thus far been fruitless. Using search engines to find a suitable ticket vendor shows the site has quite a high ranking, including a presence amongst the sponsored links.

It is not the first time we have seen a sporting event involved in an attack – shortly before the 2007 Superbowl the web site of the Miami Dolphins was compromised in order to infect victims logging on in the days leading up to the event. The Superbowl attack was almost certainly targeted, timed just before the event. In contrast the Euro 2008 ticket site has most probably not been specifically targeted, but caught up in a larger, widespread attack.

The huge number of legitimate sites being compromised presents a risk to all of us, even those that are careful.
Sophos urged all computer users to ensure that their security settings are up to date and able to defend against such threats.


Credit: SophosLabs UK

Share this item with others:

More on CyberInsecure:
  • Computer Worm Infects International Space Station Laptops
  • UK Government Website Hacked And Infected
  • IBM Hands Out Malware-infected USB At AusCERT Security Conference
  • Software Package Supplied By Lenovo Contained Malware
  • SQL Attacks Still Inject Websites Including Government Sites In US, UK

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Football Might Get You Infected

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.