Cybercriminals impersonate UPS, serve malware

by


Cybercriminals are currently mass mailing millions of emails impersonating the United Parcel Service (UPS) in an attempt to trick users into downloading and executing the malicious file hosted on a compromised web site.

More details:

Sample screenshot of the spamvertised email:

Spamvertised URL: hxxp://buzzstar.co.uk/JUVNEFNQVI.htm

Actual download location of the malicious archive: hxxp://buzzstar.co.uk/Label_Copy_UPS.zip

The malware has a MD5: b702590c01f76f02e2d8d98833d1c95f - detected by 36 out of 42 antivirus scanners as Trojan-Downloader.Win32.Kuluoz.z; TrojanDownloader:Win32/Kuluoz.B

Webroot SecureAnywhere users are proactively protected from this threat.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.


Trackbacks

  1. [...] this campaign? It’s the same cybercriminal/group of cybercriminals that launched the “Cybercriminals impersonate UPS, serve malware” campaign in August, 2012. Both campaigns are launched using identical tactics, and some of [...]