
Fresh Spam Outbreak Purporting to be from UPS Identified

According to Dancho Danchev, a security consultant who works independently, a spam run that masquerades as UPS (United Parcel Service) communication is currently circulating online to deliver malware. Ddanchev.blogpost.com reported this on March 23, 2011.

Importantly, UPS is an organization based in Sandy Springs, Georgia (USA) that delivers packages.

Displaying the header "United Parcel Service notification," the spam mails spoof their sender address so that they appear to be sent from infojs@ups.com.

The text of the e-mail tells recipients that their parcel was dispatched to the residence address given to UPS, but that it will return in seven days. It adds that the tracking code and additional details can be obtained from an attached file.

However, the attached file, named UPSnotify.rar, appears slightly abnormal, since using .zip would have been more appropriate: Windows doesn't provide any native support for files ending in .rar.

Meanwhile, the archive contains one file named UPSnotify.exe that is actually a Trojan installer. When run, this executable downloads and runs more malicious programs on the infected PC.

Remarking on the above assault, Danchev stated that it involved a bogus AV (anti-virus) program, namely Trojan.FakeAV!gen39, a backdoor called Gbot, and a W32.Pilleuz variant that was detected only occasionally. Softpedia.com reported this on March 24, 2011.

The Pilleuz variant is somewhat interesting because it communicates with hotmail.com, yahoo.com and gmail.com for no reason other than to throw researchers off its trail.

Unfortunately, this malware is rarely detected (the detection rate is merely 32.6%).

As expected, Danchev wrote, online crooks had begun to incorporate legitimate websites into their C&C communication patterns so that they might undermine researchers' efforts to track their malicious operations. Ddanchev.blogpost.com reported this on March 23, 2011.

Ultimately, it is because of spam runs like the one above that malware has spiked remarkably across the Web. PandaLabs, a security company, released statistics that lend further credence to this statement. According to those statistics, a mean of 73,000 malware sources were identified during the first trimester of 2011, mainly comprising PC Trojans. Indeed, Trojans, which account for nearly 70% of all malicious programs, continue to be the most widespread threat online.


» SPAMfighter News - 05-04-2011
