Categories: Security

Fish and Chip Website Battered By Malware

Security vendor Sophos has warned that the website of Harry Ramsden, the UK fish and chip chain, has been hacked and is hosting a piece of malicious script.

Graham Cluely, senior technology consultant at Sophos told eWEEK Europe that Harry Ramsden’s website has been carrying the code for several days now. Cluely said the malicious script on the site, in turn drags down another piece of malicious code, from a German website.

“This often happens where a tiny bit of script is inserted into a website, which then drags down further malicious script that does more damage,” said Cluely.

“What appears to have happened is that hackers were trying to spread malware via the Harry Ramsden website, and the script was trying to pull down content from the German site,” said Cluely. “However, it looks like the infection on the Harry Ramsden website is broken, so it is not currently grabbing any malicious content.”

“It could be that the hackers themselves have screwed up, or it could be an incomplete fix or clean by Harry Ramsden,” he said. “The concern will be if the hackers were able to gain access in order to insert malicious code, then they can use that vulnerability again.”

“Harry Ramsden really needs to look at its website security,” Cluely added. He said that Sophos had checked the Harry Ramsden website on Friday afternoon, and confirmed that the site is still hosting the broken malicious code.

“It is still broken so thank heavens for that,” he said. “But the potential exists for someone to unbreak or fix the malicious code. Harry Ramsden have not a done a good job of repairing it. We contacted a phone number listed on their website and were put through to a third party support department. We have explained the problem to them.”

Sophos identified Troj/Iframe-DF as infecting the Harry Ramsden website. This iframe in turn points to a hacked site in Germany, which redirects you to a fake Google site registered in the EU, that triggers Troj/ObfJS-R.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

4 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

4 days ago