SNIPPET: "Oops, they keep doing it again and again. The web site of the Ethiopian Embassy in Washington D.C (ethiopianembassy.org) has been compromised and is currently iFrame-ed to point to a live exploits serving URL on behalf of Russian cybercriminals, naturally in a multitasking mode since the iFrame used to act as a redirector in several other malware campaigns. Despite that the iFrame domain (1tvv .com/index.php) is already "taken care of", details on the original campaign can still be provided."