Takeaway malware and spam

Do you fancy a Thai meal tonight? Do you live in Germany? If the answer to both these questions is yes then beware!

While analyzing spam today I notice a large Viagra campaign:

Viagra message

Looking at the link it was a simple redirect.

www.domain.tld/redir.htm

The domain in this case was quite old and so my first thought was this was a hacked site.

Upon visiting the site, a Thai restaurant located in Germany, I received this warning from FireFox:

Warning

I also received a virus warning from Sophos Anti-Virus:

Virus Warning

You may remember that Troj/Iffy-B, was associated with pictures of Miss Paris Hilton and Miss Jenna Jameson (see article).

After being hacked by the Troj/Iffy group the restaurant’s website is now owned by spammers.

So, while you are munching on your Thai Green Curry tonight make sure you don’t get an extra side of malware or spam.