Popular tennis websites struck in latest malware attack, Sophos warns

Tennis fans at risk as hackers infect websites during Wimbledon tournament
Pages on the ATP website have been infected with malicious code. IT security and control firm Sophos is warning computer users of the importance of scanning all web traffic for malware following the discovery that webpages on the Association of Tennis Professionals (ATP) website have been infected with malicious code.

Pages on the ATP website are just some of the thousands on the internet to have been injected with a malicious script called Mal/Badsrc, according to Sophos experts. The script downloads another malicious script triggering an infection process which ultimately infects the victim with spyware.

Web security experts at Sophos note that by infecting pages on the website the hackers may capitalize on excitement surrounding Wimbledon 2008, one of the four grand slams in the tennis calendar making up part of the ATP tour, as tennis fans will be likely to visit the website keen to find out the latest news.

"The hackers responsible for this attack don't care what sites they infect, so long as there is a stream of potential victims likely to surf across the net, straight into their trap. The ATP website is just one of many sites to have been exploited by hackers trying to steal information from innocent internet users," said Fraser Howard, principal virus researcher at Sophos. "With the Wimbledon tournament taking place at the moment, the ATP website will be receiving a spike in visitors - but any tennis fan visiting the infected pages on the site risks being served straight into a crook's criminal racket."

Sophos customers are automatically protected against the threats of Troj/Iframe-AG and Mal/Badsrc, and users of other vendors' products are advised to update their software.

Microsoft issued an advisory this week warning of a rise in attacks targeting websites such as the one which has affected the ATP. The attacks are known as SQL Injection attacks.

"Many users simply do not understand the sheer scale of the SQL injection attacks we have been seeing in recent months," continued Howard. "A huge number of pages have been affected across government, corporate and personal sites. We have seen several cases where sites have been hit multiple times. Aside from simply having to clean up their databases to remove the malicious scripts, it is imperative that site administrators identify and fix pages containing code susceptible to these injection attacks."

About Sophos

Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.

Sophos is headquartered in Boston, US and Oxford, UK

Comments (0)

Add a Comment

This thread has been closed from taking new comments.

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter