SophosLabs blog

Sophoslabs has received reports (Passionate about Information Security and Dancho Danchev) that India’s Embassy in Spain has been the victim of a malicious attack.

We can confirm that the site is indeed infected with Mal/Iframe-F. The site embajadaindia.com imports content via Iframes from embajadaindia.net (both sites are registered to the Embassy). The embajadaindia.net imports more content via Iframes from indexENG.html and it is this file that contain the malicious Iframes.

As mentioned in Dancho’s blog several other embassies have been hit in the past including the US Consulate in St Petersburg.

The interesting thing from my point of view is that Ismael’s screenshot (on Passionate about Information Security) suggests he is using Sophos Anti-Virus for Mac.

Posted on January 28th, 2009 by Pob, SophosLabs, UK
Filed under: Malware, Web

                                         

Windows 7 security - A great leap forward or business as usual?

Related posts

• Another embassy falls victim to attack
• Another embassy site hit in Fake AV attack
• Update on the New York Times malicious ads attack
• YAE: Yet Another Embassy — The Republic of Sudan in London
• Analysis of a Web Attack