Cyber Security

ISIS Site Hacked With Malware, Impacting ‘Thousands’

The hack prompts users to download FlashPlayer, which then sends a virus onto the user's device

Cyber Security
Illustration: Diana Quach
Mar 30, 2017 at 8:20 AM ET

The official news agency of the Islamic State, Amaq, is warning its followers about a hack on its website that allows the infiltrator to send malicious software onto user devices.

Amaq made the announcement early Thursday on a Telegram channel, warning users not to click on a request to download a Flash Player, which it said was carrying the virus. “Please be warned,” the group said in the statement.

Vocativ found that visiting Amaq’s website triggers a warning display: “The site ahead contains malware,” and that attackers “might attempt to install dangerous programs on your computer that steal or delete your information.” The warning was also circulated on ISIS web forums. There, some members claimed the malware was disguised as FlashPlayer.apk. APK (Android Package Kit,) a file format used for installing software on the Android operating system. Members claimed the malware was used for spying by exposing GPS locations, reading SMS messages and collecting data, photos, videos, and contacts from the cell phone.

One user in the forum suggested that the hacking meant there were “thousands of victims,” and that such malware made supporters easy targets. Others were advising people to reset devices to factory settings.

No group has claimed responsibility for the hack, however, a user affiliated with , an Anonymous-affiliated anti-ISIS online campaign which has for years been engaging in disrupting ISIS’ online presence mentioned Amaq in a post on Wednesday. “We are coming for you,” it said.

The warning appears when visiting Amaq’s site