The file was injected into the header of each site, executing and attempting to download a Trojan to the PC of anyone visiting the site. The Trojan attempted to exploit two known Windows vulnerabilities.
Experts at McAfee Inc. said the script and Trojan weren't sophisticated, but that placing it on the Dolphins Stadium site the weekend of the Super Bowl was extremely effective at spreading the malware.
The chief researcher at SANS ISC said all the high-profile sites had been fixed and posed no danger to visitors; managers of several of the sites couldn't confirm whether they'd been infected, however, and others did not return calls.
The original version of this story appeared on TechTarget sister site SearchSecurity.com.