India’s embassy in Spain victim of a malicious attack

Sophoslabs has received reports (Passionate about Information Security and Dancho Danchev) that India’s Embassy in Spain has been the victim of a malicious attack.

We can confirm that the site is indeed infected with Mal/Iframe-F. The site imports content via Iframes from (both sites are registered to the Embassy). The imports more content via Iframes from indexENG.html and it is this file that contain the malicious Iframes.

As mentioned in Dancho’s blog several other embassies have been hit in the past including the US Consulate in St Petersburg.

The interesting thing from my point of view is that Ismael’s screenshot (on Passionate about Information Security) suggests he is using Sophos Anti-Virus for Mac.