One of the latest malware distribution campaigns, relying on
a medium size spam wave, features the abusive use of the delivery company’s
name to trick the users into downloading and compromising their systems.
The unsolicited message informs the customers that UPSTM was not able to deliver an
alleged package sent several months ago. The message also asks the recipients
to download the invoice copy in order to retrieve the bundle. However, the
attached archive does not hold the supposed invoice, but an extremely dangerous
piece of malware, known as Trojan.Downloader.Bredolab.AM.
Upon penetrating an unprotected system, this Trojan
infiltrates a .DLL file within the SYSTEM32 folder of Microsoft