Amaq, the official website for Islamic State propaganda, released a warning on March 30 that it had been hacked and covert malware was being distributed through a fake Flash Player update directed at all visitors.
The "news agency" announcement was made on Amaq’s Telegram channel and distributed through ISIS web forums to warn the estimated thousands of visitors turned victims.
The false Flash installer has been identified as spreading a well-known, readily available remote access tool that would give backdoor access to the sensitive information, screen captures, webcam, keystrokes, files and more of a victim’s computer. This generic malware is easily detected by antivirus programs.
The Amaq site is said to now be migrated and mitigated of the malware.
No hackers have publicly claimed responsibility, though Vocativ.com reported that a user affiliated with anti-ISIS campaign #OpISIS posted "Were [sic] coming for you…" and mentioned Amaq on March 29.