Over the past 24 hours, cybercriminals launched yet another massive spam campaign, impersonating the United Parcel Service (UPS), in an attempt to trick its current and prospective customers into downloading and executing the malicious attachment found in the email. Upon execution, the malware opens a backdoor on the infected host, allowing the cybercriminals behind the campaign to gain complete control over the victim’s host.
More details:
Screenshot of the spamvertised email:
Detection rate for the malicious attachment: MD5: 0e78d3704332c59b619f872fd6d33d25 – detected by 32 out of 43 antivirus scanners as Trojan-Downloader.Win32.Andromeda.qw.
Go through related analyses of UPS themed malicious campaigns:
- Cybercriminals impersonate UPS, serve client-side exploits and malware
- Cybercriminals impersonate UPS, serve malware
- Cybercriminals impersonate UPS in client-side exploits and malware serving spam campaign
- Spamvertised ‘UPS Delivery Notification’ emails serving client-side exploits and malware
- Spamvertised ‘Your UPS delivery tracking’ emails serving client-side exploits and malware
Webroot SecureAnywhere users are proactively protected from these threats.
You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on Twitter.
