Cybercriminals Leverage Syrian Chemical Weapons Attack to Spread Malware
Kaspersky and Symantec experts have spotted different types of malicious emails
Experts from Kaspersky have found bogus CNN emails entitled something like “The United States began bombing.”
“Pentagon officials said that the United States launched the first strikes against Syria. It was dropped about 15 bomn on stalitsu Syria Damascus,” the poorly written emails read.
The links from these messages don’t point to the CNN website, but to a malicious domain that’s set up to exploit Java and Adobe Reader vulnerabilities in an effort to push malware onto users’ computers.
Researchers from Symantec have spotted other types of Syria-themed emails. The bogus notifications analyzed by Symantec are entitled “chemical attack in Syria” and they carry a document file.
When recipients open the document, they’re presented with part of a genuine news article copied from The Washington Post.
While the document appears to be harmless, in reality it’s designed to exploit a vulnerability in Internet Explorer and download a piece of malware.
Check out the gallery to see what these emails look like.
Malicious Syria-themed emails (3 Images)
... so hot right now