A website owned by Wagamama – the famous Japanese restaurant and noodle bar - has been hijacked by cybercriminals. Experts found it to be injected with a piece of malicious code that’s part of the RunForestRun campaign.
Websense experts report
that the RunForestRun attack leverages a vulnerability in Parallels' Plesk
to steal user credentials and compromise accounts.
containing pseudo-randomly generated
URLs is loaded.
In the end, these URLs lead the victim to the well-known BlackHole exploit kit.
Since this attack is not new, most security solutions are able to identify and block the malicious URLs. However, at the time of writing, our trusty antivirus was still displaying warning messages when we tried to access the goeast.wagamama.com