Super Bowl stadium Web site hacked, delivered malware

Eric B. Parizo, Site Editor Published: 02 Feb 2007

A security firm reported Friday that digital miscreants successfully compromised the Web site of Miami's Dolphin Stadium, home of Sunday's Super Bowl XLI, potentially endangering the site's visitors. The incident, discovered by San Diego-based Websense Inc.'s Security Labs unit, involved a link to a malicious Javascript keylogger file that had been inserted into the header of the front page of the site, with the intent of propagating malicious code on visitors' computers.
"Visitors to the site execute the script, which attempts to exploit two vulnerabilities: MS06-014 and MS07-004," according to a bulletin from Websense. "Both of these exploits attempt to download and execute a malicious file.
"The file that is downloaded is a NsPack-packed Trojan keylogger/backdoor, providing the attacker with full access to the compromised computer. The filename is w1c.exe and its MD5 is ad3da9674080a9edbf9e084c10e80516."
According to published reports, Dolphin Stadium representatives have confirmed that the site was compromised, but said the issue had been addressed and that the Web site no longer poses a threat. However, Websense said, the initial breach may have occurred more than a week ago.
The Web site is currently experiencing higher-than-normal traffic because of Sunday's event.