English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

Fake CNN emails claim US have started bombing Syria

Roel
Kaspersky Lab Expert
Posted September 06, 16:51  GMT
Tags: Adobe, Oracle
0.2
 

We're currently seeing a spam run which involves a (fake) report from CNN saying that the US have started bombing Syria.

Clicking the shortened link will lead to an exploit kit which targets older, vulnerable versions of Adobe Reader and Java. The attackers favor using the Java exploit over the Reader exploit, as Java exploits are generally more reliable.

The exploit will download a Trojan-Downloader onto the system, which will subsequently download various other malware.

We've seen these actors use various methods of getting people to click on links in emails, including fake Facebook and PayPal emails. They also tend to use various URL shortening services.

It's not surprising to see cyber-criminals jump on actualities. If the US do decide in favor of military action against Syria we can expect a lot more Syria-themed malicious emails.


1 comments

Mohsen

2013 Sep 08, 11:26
0
 

Hi Roel

can you send this file for me?
thanks

Reply    
If you would like to comment on this article you must first
login


Bookmark and Share
Share

Analysis

Blog