Cybercriminals Leverage Syrian Chemical Weapons Attack to Spread Malware

Kaspersky and Symantec experts have spotted different types of malicious emails

By on September 9th, 2013 09:53 GMT

Similar to other major events, the alleged chemical weapons attack in Syria is leveraged by cybercriminals in an effort to distribute malware.

Security researchers have spotted several malicious emails that appear to contain news on this topic.

Experts from Kaspersky have found bogus CNN emails entitled something like “The United States began bombing.”

“Pentagon officials said that the United States launched the first strikes against Syria. It was dropped about 15 bomn on stalitsu Syria Damascus,” the poorly written emails read.

The links from these messages don’t point to the CNN website, but to a malicious domain that’s set up to exploit Java and Adobe Reader vulnerabilities in an effort to push malware onto users’ computers.

Researchers from Symantec have spotted other types of Syria-themed emails. The bogus notifications analyzed by Symantec are entitled “chemical attack in Syria” and they carry a document file.

When recipients open the document, they’re presented with part of a genuine news article copied from The Washington Post.

While the document appears to be harmless, in reality it’s designed to exploit a vulnerability in Internet Explorer and download a piece of malware.

Check out the gallery to see what these emails look like.

Malicious Syria-themed emails (3 Images)

Gallery Image
01
Gallery Image
02
Gallery Image
03

Comments