Austria and Switzerland will host this summer’s 2008 European Championships soccer tournament, and the two countries have been busy arranging their ducks in a row as the opening day approaches. An army of online ticketers, souvenir sellers, bar and restaurant-owners, and soccer fans are looking forward to the tournament, which is second only to the FIFA World Cup in global importance. The last thing anyone needed was an online ticketing security disaster, but this week it was revealed that computer security firm Sophos has detected malicious code embedded in a secondary ticketing website, euroticketshop.com, which has the potential to hack the personal computers of customers using the site to buy Euro 2008 tickets.
The malware interacts with remote websites to download other malicious programs which obtain personal credit details from ticket buyers’ PCs, and uses their machines to send spam messages over the internet. This type of attack is known as a “drive-by download.” The Euro 2008 case is a symptom of current trends in cybercrime, according to computer security company Sophos, which discovered the site invasion. Sophos states that the company discovers similarly infected websites “every 14 seconds, 83 percent of which are hosted on legitimate sites that most surfers wouldn’t think twice about visiting.”
Euro 2008 begins on June 7, and European soccer fans are avidly web-surfing, anxious to find ticket deals and secure themselves a place in the stadiums for the big games. Euroticketshop.com have been unavailable for comment, but Graham Cluley, senior technology consultant at Sophos, said in a statement, “This is not the first time that hackers have attempted to capitalize on sporting events.
“Unfortunately, in the run up to the competition this summer, we are likely to see more sites like this being hacked, as well as other scams preying on football fans. Fans keen to get tickets to a game need to make sure they don’t get carried away in the excitement and score an own goal before the football even kicks off,” Cluley added.