Nuisance Creator Trojan “FedEx Delivery” Exposed

A Trojan horse program, apparently from the logistics services company FedEx, has been exposed by the security firm IronPort.

IronPort revealed that the outburst of the "FedEx Delivery" took place on August 15, 2008, i.e. just after a month of launch of a similar attack exploiting the UPS brand. The e-mail, virtually sent by FedEx, informs the recipients about a delivery failure. The users are then instructed to collect the package by downloading and taking a print out of an attached invoice copy.

The moment this attachment is opened, a Trojan gets installed, which alters the wallpaper and provides the full control of the infected PC to the remote hackers. Then that particular PC acts as a host for the spyware and is used to send spam. It is also used to install screen scrapers and keyloggers so as to steal the personal, confidential and financial information of the user.

The Trojan has so far been confirmed only in Europe and the US and there are no signs of its spread in the Middle East. However, the Internet users in the region are recommended to be vigilant while accessing the attachments. They are further advised to keep the security software updated as a precautionary measure.

According to the security firm, data collected from the corporate consumers between May 2007 and May 2008 confirms that the current attack displays an expected 220% rise in the number of threats. Meanwhile, an increase of 855% was recorded in the backdoor and password pilferage incidents. Also, in May 2008, 68% of the Internet-based malware was traced to the fake websites. The danger of disclosure to spoofed sites and hackers rose alarmingly to 407%.

According to the experts, this particular Trojan is extremely dangerous as it is able to render the firewall inactive, create screen shots and make logs of current online working sessions. It can also steal financial credentials such as credit card details, account numbers and login details.

Moreover, it is capable of downloading certain components which provide the hacker a convenient mean of gaining access over the infected PC. Thus, to protect the PC from the Trojan, users are strongly advised to install and activate a trustworthy anti-malware software, firewall and spam filter.

» SPAMfighter News - 11/20/2008