Hackers targeted Superbowl-related websites last week in attempt to direct American football fans to sites hosting malware.

Sites related to the Miami venue of the NFL Championship game - www.dolphinsstadium.com and www.miamidolphins.com - were among a number of sites hacked into and modified to insert reference to a hostile script running on Chinese site www.dv521.com. The NFL's Superbowl.com website was not affected by the attack.

The hostile scripts took advantage of two Windows exploits in attempting to download a file called W1C.EXE from the dv521.com site, which contains the Wow-PK key-logging Trojan. The offending Chinese site was taken offline late last week after the attack was detected by net security firm Websense and before Sunday's game, where the Indianapolis Colts beat the Chicago Bears 29-17 in a rain-affected game. ®

Related stories

• Cyber crooks hijack 10,000 websites (18 June 2007)

  https://www.theregister.com/2007/06/18/hijacked_sites_install_malware/

• Gozi hybrid Trojan menaces the net (22 May 2007)

  https://www.theregister.com/2007/05/22/gozi_trojan_hybrid/

• Fear and Loafing at RSA (9 February 2007)

  https://www.theregister.com/2007/02/09/rsa_fear/

• Trojan downloader uses Zidane lure (17 July 2006)

  https://www.theregister.com/2006/07/17/zidane_trojan/

• Premiership Excel virus debuts after season concludes (8 May 2006)

  https://www.theregister.com/2006/05/08/premiership_virus/

• Janet Jackson's jub tops Google search list (22 December 2005)

  https://www.theregister.com/2005/12/22/google_search_results/

• Beckham + strumpet pic actually Trojan (12 October 2004)

  https://www.theregister.com/2004/10/12/beckham_trojan_ruse/