Syrian malware pushers want you to think the U.S. has already invaded

The pro-Assad hacker group, the Syrian Electronic Army, has been sending out malware disguised as CNN articles. 


Joe Kloc


Published Sep 10, 2013   Updated Jun 1, 2021, 6:51 am CDT

The Syrian Electronic Army, a pro Bashar al-Assad hacker group in civil war-torn Syria, has been sending out fake CNN email alerts reporting that the U.S. has bombed Syria.

According to Threatpost, the emails—sent from breakingnews[@]mail[dot]cnn[dot]com—contain links to fabricated news stories that, if followed, download malicious software. The malware in these emails, once downloaded onto an unsuspecting computer, begins to download more malicious software. 

It is not clear what, exactly, that malware is designed to do.

One such email, posted by the Kaspersky Lab, included an article pretending to be written by CNN journalist Casey Wian. The headline read, “The United States began bombing!”. The story was dated August 14, 2013. 

Oddly, the email included a error-riddled summary of the article: “Pentagon officials said that the United Stated launched the first strikes against Syria. It was dropped about 15 bomn on stalitsu syria Demascus.” 

Email screenshot via Kaspersky Lab/Securelist

The SEA has a long history of launching attacks on western media outlets. Earlier this year they hacked the New York Times, and Twitter, as well as the Daily Dot

In the past, these SEA targets have drawn the group’s ire by reporting negatively on the Assad regime and its actions during the Syrian Civil War. The motivation behind this particular SEA attack is less clear.

Photo by D. Miller/Flickr

Share this article
*First Published: Sep 10, 2013, 6:56 pm CDT