Exposed: CNN Top Ten video malware

Nicolai from the Canadian branch of SophosLabs has blogged about the malicious email campaign we have been seeing in our spamtraps.

The emails look just like CNN’s breaking news alert service, and internet users may be fooled into clicking on the links and being taken to dangerous website rather than the genuine CNN site. Once there, computer users are encouraged to download an executable file to view the video and that, of course, is a Trojan horse.

Customers using Sophos’s email and web gateway solutions are protected against the campaign, and the malware is proactively detected as Mal/EncPk-DA.

Here is a short video I made this morning, exposing the disguise used in these emails and their dangerous payload:

Sign up to our free newsletter.
Security news, advice, and tips.
[vimeo 2526538]

I think the sound quality of the commentary on this is better than in the last video we published, but let me know if you have any comments. I probably need to buy a decent microphone – again, let me know if you have a suggestion on what I should purchase.

You can view this and other videos on the SophosLabs YouTube channel. If you haven’t already done so, you might want to subscribe to the channel to be automatically alerted to new videos that we post.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.