Websense® Security Labs™ has discovered that the official website of Dolphin Stadium has been compromised with malicious code. The Dolphin Stadium is currently experiencing a large number of visitors, as it is the home of Sunday's Super Bowl XLI. The site is linked from numerous official Super Bowl websites and various Super Bowl-related search terms return links to the site. A link to a malicious JavaScript file has been inserted into the header of the front page of the site. Visitors to the site execute the script, which attempts to exploit two vulnerabilities: MS06-014 and MS07-004. Both of these exploits attempt to download and execute a malicious file.
Thanks to Jeremiah Grossman for sending me a message today bringing this to my attention. Declan McCullagh posted some good resources about this. All are plain text and will not harm you.

- The original HTML page with the nasty JavaScript
- Nasty JavaScript file it loads
- VBScript file which gets bootstrapped from one of the HTML files