[ot?] themafia.us virus hosting.

[Duncan Hill <sa...@nacnud.force9.co.uk>]

Not sure where to post this, but this should reach a fair number of admins.

themafia.us, hosted on Yahoo! is kindly serving up 2 txt files of email 
addresses and a virus.

The mail that tries to get the gullible looks like 

<div align="center">
 <p align="left">&nbsp;
 <p align="left"><font color="#FF0000" size="2" face="Verdana">You have just 
received a virtual 
 greeting from a friend!</font></p>
 <p align="left"><font color="#FFFFFF" size="2" face="Verdana">.</font></p>
 <p align="left"><font color="#FF0000" size="2" face="Verdana">You can pick up 
your postcard 
 at the following web address:</font></p>
 <p align="left"><font color="#FFFFFF" size="2" face="Verdana">.</font></p>
 <p align="left"><font size="3" face="Verdana"><A
href="http://themafia.us/a0190313376667.gif.exe"
target=_blank><strong>http://www.postcards4u.com/?a0190313376667</strong></A></font></p>
 <p align="left"><font color="#FFFFFF" size="2" face="Verdana">.</font></p>
 <p align="left"><font color="#FF0000" size="2" face="Verdana">If you can&apst 
click on the web 

I've emailed Yahoo!s abuse department, but I don't have much faith in them.  
SURBL and URIBL both list the domain, but you may wish to configure web 
proxies etc to not allow the URL.