UPS trojan strikes again

By
Follow google news

A trojan masquerading as an email notice from UPS, the delivery service, tries to dupe users into clicking on an enclosure to download malware.

A trojan masquerading as an email notice from UPS, the delivery service, tries to dupe users into clicking on an enclosure to download malware.

UPS trojan strikes again

"It's not a new technique for fooling people into opening a malicious attachment, but clearly the hackers still think it has some legs," wrote Graham Cluley, senior technology consultant at Sophos, in a post on his blog.

The message claims that a package could not be delivered - that is, UPS did not deliver a package because an incorrect destination address was specified.

The trojan is named TrojanSpy.ZBot.DGI (VirusBuster), Trojan-Dropper.Delf (Ikarus) or VirTool:Win32/DelfInject.gen!J (Microsoft), according to email security firm MX Lab.

The "From" address is spoofed and contains "United Postal Service tracking[at]ups[dot]com."

"The trojan hides itself inside the file Invoice_8612112.exe once you have extracted the ZIP archive Invoice_8612112.zip. Names and numbers may vary," said an advisory on the MX Lab blog.

Add iTnews as your trusted source

Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases

JB Hi-Fi Group finds new cyber security leader

JB Hi-Fi Group finds new cyber security leader

Toll Group puts third-party risk at centre of AI-era data security

Toll Group puts third-party risk at centre of AI-era data security

How Monash University is tackling the AI-driven app security gap

How Monash University is tackling the AI-driven app security gap

Log In

  |  Forgot your password?