So-called CNN emails on U.S. bombing Syria lead to exploit kit
The phishing emails contain shortened links to a crimeware kit.
Malicious emails, craftily disguised as breaking news from CNN that the U.S. is bombing Syria, are making the rounds online, researchers warn.
According to Roel Schouwenberg, a senior anti-virus researcher at security firm Kaspersky, who blogged about the phishing campaign last Friday, the emails actually contain shortened links leading to an exploit kit that targets vulnerable Adobe Reader and Java software.
More often, however, phishers prefer to use the “more reliable” Java exploits, he wrote.
Once users click malicious links in the fake CNN emails, they're led to the exploit kit, which downloads a trojan capable of distributing other malware on compromised machines.
“If the US do[es] decide in favor of military action against Syria, we can expect a lot more Syria-themed malicious emails,” Schouwenberg warned.