The Latest in IT Security

A wild malware rollercoaster – over 500% increase

15 Aug 2011

The UPS name is once again being used to spread vast amounts of email-attached malware. The last week has seen an extraordinary increase – over 5.5 times the average level before the outbreak. The attack closely resembles the large outbreak reported on at the end of March. The graph below illustrates the increase:

There are numerous versions of the email text – some examples:

Good afternoon!

Dear Client , Recipient’s address is wrong

Please fill in attached file with right address and resend to your personal manager

With best regards , Your USPS .com Customer Services

 

Good afternoon!

Dear User , Delivery Confirmation: FAILED

Please print out the invoice copy attached and collect the package at our department

With respect to you , Your UPS Services

 

GOOD AFTERNOON!

Dear Client , We were not able to delivery the postal package

Please fill in attached file with right address and resend to your personal manager

With Respect , Your UPS .COM

 

ATTENTION!

DEAR CLIENT , RECIPIENT’S ADDRESS IS WRONG

PLEASE PRINT OUT THE INVOICE COPY ATTACHED AND COLLECT THE PACKAGE AT OUR DEPARTMENT

With best wishes , Your USPS .us Customer Services

 

These emails also come with a range of subjects such as:

  • USPS Attention 060532
  • USPS: DELIVER CONFIRMATION – FAILED 17592718
  • USPS id. 182407
  • USPS DELIVERY CONFIRMATION 7264145
  • From USPS 4009717
  • Your USPS id. 44531036
  • USPS ATTENTION 44123265

In the previous attack the filenames were quite limited, unlike in this attack. Some examples:

  • “ups_NR9Yl2673.zip”
  • “Ups_NR5pY500268590.zip”
  • “UPS_NR5Da3052.zip”
  • “MyUps_NR9hN8574.zip”
  • “MYUPS_NR5gX736615890.zip”

Reminder: In the last series of attacks the subjects were changed to use the DHL brand a few days after the initial attack.
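The subject and filename samples above share a recognisable shape, which a mail filter can test for. The following is an added example, not code from the original post: the two patterns are inferred only from the samples listed here, the DHL alternative assumes the later brand switch keeps the same subject shape, and the sample message and its placeholder attachment bytes are constructed.

```python
import re
from email import message_from_string

# Subject shape in the listed samples: courier brand, optional filler words,
# trailing 6-8 digit number. DHL is added because the earlier campaign moved
# to that brand (assumption: same subject shape).
SUBJECT_RE = re.compile(r"\b(?:USPS|UPS|DHL)\b.*\b\d{6,8}\s*$", re.IGNORECASE)
# Attachment shape in the listed samples: "ups"/"myups" in any case, "_NR",
# one digit, two letters, a run of digits, ".zip".
ATTACHMENT_RE = re.compile(r"^(?:my)?ups_NR\d[a-z]{2}\d+\.zip$", re.IGNORECASE)

def matched_indicators(raw: str) -> list[str]:
    """Return which of the two indicators a raw RFC 5322 message matches."""
    msg = message_from_string(raw)
    hits = []
    if SUBJECT_RE.search(str(msg.get("Subject", ""))):
        hits.append("subject")
    for part in msg.walk():  # visits the root and every MIME part
        name = part.get_filename()
        if name and ATTACHMENT_RE.match(name.strip()):
            hits.append("attachment")
            break
    return hits

def verdict(raw: str) -> str:
    """Quarantine on both indicators; one alone only merits review, since
    genuine courier mail also carries a brand name and a number."""
    hits = matched_indicators(raw)
    return "quarantine" if len(hits) == 2 else "review" if hits else "pass"

# Constructed sample message (placeholder attachment bytes, not real malware).
SAMPLE = """\
Subject: USPS id. 182407
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Please fill in attached file with right address
--b1
Content-Type: application/zip
Content-Disposition: attachment; filename="ups_NR9Yl2673.zip"
Content-Transfer-Encoding: base64

cGxhY2Vob2xkZXI=
--b1--
"""
```

Because the filenames vary between attacks, patterns like these date quickly and are best treated as a short-lived supplement to attachment scanning.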

 
