Euro 2008 football ticket website hacked by cybercriminals

According to Sophos, football fans need to be careful when buying tickets for the forthcoming Euro 2008 championships online following the discovery of malicious code on the website of a large European ticket re-sale company.

The site in question has a high search engine ranking and a presence among sponsored links, indicating hackers may have a huge pool of potential victims.

SophosLabs said visitors attempting to purchase tickets through the site will be exposed to the malicious script, which is embedded in some of the Web-pages. This malware then attempts to download further attacks from another remote website. Sophos experts advise computer users be on their guard and ensure their IT security solutions are fully up to date.

Graham Cluley, senior technology consultant at Sophos claimed this is not the first time hackers have attempted to capitalise on sporting events, and predicts more sites are likely to be hacked in the run up to the competition this summer.

"Fans keen to get tickets to a game need to make sure they don't get carried away in the excitement and score an own goal before kick-off. It's essential that all computer users ensure their security settings are up to date and able to defend against these threats," he said.

Sophos noted in its 2008 Security Threat Report that a huge number of legitimate Web-pages are now being compromised by cybercriminals as they attempt to infect more computers. Sophos currently discovers a new infected webpage every 14 seconds, 83 percent of which are hosted on legitimate sites.

Hackers often use big events to exploit computer users and spread their attacks. In 2007, the website of the Miami Dolphins, host of last year's Superbowl, was compromised in the days leading up to the event in order to infect fans logging onto the site.