By Dancho Danchev
Cybercriminals are currently mass mailing millions of emails impersonating the United Parcel Service (UPS) in an attempt to trick users into downloading and executing the malicious file hosted on a compromised web site.
Sample screenshot of the spamvertised email:
Spamvertised URL: hxxp://buzzstar.co.uk/JUVNEFNQVI.htm
Actual download location of the malicious archive: hxxp://buzzstar.co.uk/Label_Copy_UPS.zip
The malware has a MD5: b702590c01f76f02e2d8d98833d1c95f – detected by 36 out of 42 antivirus scanners as Trojan-Downloader.Win32.Kuluoz.z; TrojanDownloader:Win32/Kuluoz.B
Webroot SecureAnywhere users are proactively protected from this threat.