Fact Check

CNN / MSNBC Alert Virus

Information about the 'CNN News Alert' virus lures.

Published Aug. 12, 2008


Virus:   CNN / MSNBC News Alert

Status:   Real virus.

Example:   [Collected via e-mail, July 2008]

Origins:   The CNN News Alert" mailings are new lures for an existing virus (rather than a new form of virus), but since they've garnered so much attention, we've created this separate entry for them.

The mailings, which began in August 2008, typically arrive with subject lines such as "CNN.com Daily Top 10" or "My CNN Alert" or "CNN Alerts: Breaking news," offer what appear to be links to news stories from the CNN web site. However, clicking through on the links takes the user not to the CNN web site, but to a site that will initiate the download of an malicious executable onto the user's PC. (Variants of these mailings used MSNBC in place of CNN.)

All of this camouflage is cover for propagation of the Storm worm, a virus which has been around for a few years and has been spread via many guises. Because a recent incarnation of this virus lure invoked the name and symbol of the Federal Bureau of Investigation (FBI), that agency has issued a press release to warn the public about the misleading messages:

FBI Warns of Storm Worm Virus

The FBI and its partner, the Internet Crime Complaint Center (IC3), have received reports of recent spam e-mails spreading the Storm Worm malicious software, known as malware. These e-mails, which contain the phrase "F.B.I. vs. facebook," direct e-mail recipients to click on a link to view an article about the FBI and

Facebook, a popular social networking website. The Storm Worm virus has also been spread in the past in e-mails advertising a holiday e-card link. Clicking on the link downloads malware onto the Internet connected device, causing it to become infected with the virus and part of the Storm Worm botnet.

A botnet is a collection of compromised computers under the remote command and control of a criminal "botherder." Most owners of the compromised computers are unsuspecting victims. They have unintentionally allowed unauthorized access and use of their computers as a vehicle to facilitate other crimes, such as identity theft, denial of service attacks, phishing, click fraud, and the mass distribution of spam and spyware. Because of their widely distributed capabilities, botnets are a growing threat to national security, the national information infrastructure, and the economy.

"The spammers spreading this virus are preying on Internet users and making their computers an unwitting part of criminal botnet activity. We urge citizens to help prevent the spread of botnets by becoming web-savvy. Following some simple computer security practices will reduce the risk that their computers will be compromised," said Special Agent Richard Kolko, Chief, FBI National Press Office.

Everyone should consider the following:

  • Do not respond to unsolicited (spam) e-mail.

  • Be skeptical of individuals representing themselves as officials soliciting personal information via e-mail.

  • Do not click on links contained within an unsolicited e-mail.

  • Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders.

  • Validate the legitimacy of the organization by directly accessing the organization's website rather than following an alleged link to the site.

  • Do not provide personal or financial information to anyone who solicits information.

Last updated:   12 August 2008

  Sources Sources:

    Colker, David.   "Don't Open 'FBI vs. Facebook' E-Mail, Lest You Loose the Storm Worm."

    Los Angeles Times.   3 August 2008.

    Durkin, Mike.   "FBI vs Facebook Email Thread Has 'Storm Worm' Virus."

    FOXNews.com.   30 July 2008.

David Mikkelson founded the site now known as snopes.com back in 1994.