In association with heise online

31 March 2008, 10:34

Malware instead of Euro Championships tickets

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

A web site selling tickets for Euro 2008 appears to be infected with malware, putting football fans' PCs at risk. Security company Sophos has detected a malicous script in the site, and identified it as Mal/ObfJS-R. The script is designed to download further malicious content from other web sites, but appears to be buggy and doesn't always succeed in infecting a visitor's PC. The first mentions on internet forums that the ticket office was distributing the malicious code date from around December 2007.

Tickets for the 2008 European Football Championship in Austria and Switzerland are in heavy demand. Almost 8.5 million hopefuls applied for the 418,000 or so tickets that were offered in a first tranche last year.

Tests by heise Security showed that the ticket sales page which the script /buy_ticket.aspx handles is probably the only page affected. The malicious JavaScript code lies at the bottom of the page, but Sophos says it contains errors, so that it either does not run or at least can't run on all browsers.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit