According to Websense, the internet site for Dolphin Stadium, which hosted yesterday's Superbowl, played inadvertent host to a trojan horse program that will download a keystroke-logging machine on any Window's machine that hasn't obtained the latest upgrades. As you can guess, the site is experiencing heavy traffic, and according to Websense, what happens is:
"A link to a malicious javascript file has been inserted into the header of the front page of the site. Visitors to the site execute the script, which attempts to exploit two vulnerabilities: MS06-014 and MS07-004. Both of these exploits attempt to download and execute a malicious file.
The file that is downloaded is a NsPack-packed Trojan keylogger/backdoor, providing the attacker with full access to the compromised computer. The filename is w1c.exe and its MD5 is ad3da9674080a9edbf9e084c10e80516."
So please just remember to keep updating.
Tags: Dolphin Stadium, Malware
Leave a comment