Sign up for our Newsletters |   Email the Editor  |  Print 

Cyber-criminals are using the Olympics to put malware on the podium, hijacking legitimate Olympic coverage and content so as to infect those involved with the Beijing Games and its fans, according to security experts.

Olympic fans reading the Agence-France Presse (AFP) coverage on the New Delhi Television Limited (NDTV) Web site were exposed to malware after the site fell prey to a SQL injection attack.

Athletic organizations around the world have also been hit with a legitimate-looking, targeted phishing scam.

A Google search reveals a Web page altered by SQL-injection.

Experts in the computer security community have been warning the Olympic Games would be a prime target for cyber-crooks looking to spread malware.

Now those predictions seem to be coming true, according to Graham Cluley, senior technology consultant at U.K.-based Sophos PLC.

"Hackers are especially keen to hit high-traffic pages of the Internet as it increases their potential pool of victims" he says on his blog. "These pages are likely to be getting a lot of visits at the moment as the world is following the Olympic Games closely."

Security experts say AFP isn't to blame for the NDTV Web site getting infected.

"Poor coding in this environment can leave a site susceptible to an SQL injection," says Paul Baccas, a Sophos security analyst. "What I believe happened is this news site setup a machine to syndicate news from AFP and forgot about it."

Baccas first identified Olympics-content related attacks on his blog.