Recapping the Fox Sports Website Compromise

On October 2nd eSoft published a blog warning visitors of the Fox Sports website about compromised pages with the potential to serve malicious software. To date, the threat remains on their website despite direct warnings to Fox Sports webmasters and domain contacts of the infection.

This website is ranked the 75th most popular website in the US and 311th in the World according to Alexa. The 6+ million [as reported by Compete] unique visitors each month are still at risk. Fox Sports users should check their machines for any signs of infection or malicious activity.

The danger lies in a hidden iframe that attackers have placed in certain pages on the website. The iframe links to a site that is known to host a variety of trojans and other malicous payloads. eSoft is blocking the infected Fox Sports websites in the 'Compromised' category until the infection is cleaned - the malicious site hosting the payloads, thingre.com, is blocked as 'Malware'.

Multiple pages on Fox Sports have been found with this infection. The compromise was originally found as part of the Fantasy Baseball Hot Streak game, a portion of the site which has since been cleaned.

It's unclear how the site was compromised or if any other pages on the Fox Sports website have been exploited. At the time of writing eSoft has still not received any response from Fox Sports.

Comment on this blog