Account Options

  1. Sign in
The old Google Groups will be going away soon.
Switch to the new Google Groups.
Google Groups Home
« Groups Home
alt.comp.anti-virus
+ new post
About this group
Subscribe to this group
This is a Usenet group - learn more
UPS/FedEx/DHL Delivery failure
Options
There are currently too many topics in this group that display first. To make this topic appear first, remove this option from another topic.
There was an error processing your request. Please try again.
flag
   9 messages - Collapse all  -  Translate all to Translated (View all originals)
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Bobt  
View profile  
 More options Nov 2 2009, 7:39 pm
Newsgroups: alt.comp.anti-virus
From: Bobt <infore...@gmail.com>
Date: Mon, 2 Nov 2009 16:39:13 -0800 (PST)
Local: Mon, Nov 2 2009 7:39 pm
Subject: UPS/FedEx/DHL Delivery failure
Print | Individual message | Show original | Report this message | Find messages by this author
I just received an email stating a new virus .. when you click on the
attached invoice bad things happen. Not sure what type it is ..
Anyone hear anything about this ..

 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
David H. Lipman  
View profile  
 More options Nov 2 2009, 8:30 pm
Newsgroups: alt.comp.anti-virus
From: "David H. Lipman" <DLipman~nosp...@Verizon.Net>
Date: Mon, 2 Nov 2009 20:30:26 -0500
Local: Mon, Nov 2 2009 8:30 pm
Subject: Re: UPS/FedEx/DHL Delivery failure
Print | Individual message | Show original | Report this message | Find messages by this author
From: "Bobt" <infore...@gmail.com>

| I just received an email stating a new virus .. when you click on the
| attached invoice bad things happen. Not sure what type it is ..
| Anyone hear anything about this ..

Yes.  Old news.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
FromTheRafters  
View profile  
 More options Nov 2 2009, 8:43 pm
Newsgroups: alt.comp.anti-virus
From: "FromTheRafters" <erra...@nomail.afraid.org>
Date: Mon, 2 Nov 2009 20:43:44 -0500
Local: Mon, Nov 2 2009 8:43 pm
Subject: Re: UPS/FedEx/DHL Delivery failure
Print | Individual message | Show original | Report this message | Find messages by this author
"Bobt" <infore...@gmail.com> wrote in message

news:8f747229-089f-4be9-b591-40fe8f42162f@g23g2000yqh.googlegroups.com...

>I just received an email stating a new virus .. when you click on the
> attached invoice bad things happen. Not sure what type it is ..
> Anyone hear anything about this ..

I vaguely recollect something about some kind of thing similar to that.
Ya know - bad things - invoices...

...wasn't a virus though...sounds kinda phishy to me.


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
David H. Lipman  
View profile  
 More options Nov 2 2009, 8:53 pm
Newsgroups: alt.comp.anti-virus
From: "David H. Lipman" <DLipman~nosp...@Verizon.Net>
Date: Mon, 2 Nov 2009 20:53:25 -0500
Local: Mon, Nov 2 2009 8:53 pm
Subject: Re: UPS/FedEx/DHL Delivery failure
Print | Individual message | Show original | Report this message | Find messages by this author
From: "FromTheRafters" <erra...@nomail.afraid.org>

| "Bobt" <infore...@gmail.com> wrote in message

| news:8f747229-089f-4be9-b591-40fe8f42162f@g23g2000yqh.googlegroups.com...

>>I just received an email stating a new virus .. when you click on the
>> attached invoice bad things happen. Not sure what type it is ..
>> Anyone hear anything about this ..

| I vaguely recollect something about some kind of thing similar to that.
| Ya know - bad things - invoices...

| ...wasn't a virus though...sounds kinda phishy to me.

Trojan payload not phish.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
The Central Scrutinizer  
View profile  
 More options Nov 2 2009, 9:35 pm
Newsgroups: alt.comp.anti-virus
From: "The Central Scrutinizer" <gci...@hotmail.com>
Date: Mon, 2 Nov 2009 20:35:19 -0600
Local: Mon, Nov 2 2009 9:35 pm
Subject: Re: UPS/FedEx/DHL Delivery failure
Print | Individual message | Show original | Report this message | Find messages by this author

"FromTheRafters" <erra...@nomail.afraid.org> wrote in message

news:hco1sh$9ps$1@news.eternal-september.org...

> "Bobt" <infore...@gmail.com> wrote in message
> news:8f747229-089f-4be9-b591-40fe8f42162f@g23g2000yqh.googlegroups.com...
>>I just received an email stating a new virus .. when you click on the
>> attached invoice bad things happen. Not sure what type it is ..
>> Anyone hear anything about this ..

> I vaguely recollect something about some kind of thing similar to that. Ya
> know - bad things - invoices...

> ...wasn't a virus though...sounds kinda phishy to me.

David is right. This (and many variations) have been around for quite
some time. Many months in fact...

--


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
FromTheRafters  
View profile  
 More options Nov 2 2009, 10:07 pm
Newsgroups: alt.comp.anti-virus
From: "FromTheRafters" <erra...@nomail.afraid.org>
Date: Mon, 2 Nov 2009 22:07:13 -0500
Local: Mon, Nov 2 2009 10:07 pm
Subject: Re: UPS/FedEx/DHL Delivery failure
Print | Individual message | Show original | Report this message | Find messages by this author
"The Central Scrutinizer" <gci...@hotmail.com> wrote in message
news:hco4rl$vgs$1@aioe.org...

Was that one of the PDF exploits?

...or the Flash support exploits?

...or invoice.exe?


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
David H. Lipman  
View profile  
 More options Nov 2 2009, 10:25 pm
Newsgroups: alt.comp.anti-virus
From: "David H. Lipman" <DLipman~nosp...@Verizon.Net>
Date: Mon, 2 Nov 2009 22:25:12 -0500
Local: Mon, Nov 2 2009 10:25 pm
Subject: Re: UPS/FedEx/DHL Delivery failure
Print | Individual message | Show original | Report this message | Find messages by this author
From: "FromTheRafters" <erra...@nomail.afraid.org>

| "The Central Scrutinizer" <gci...@hotmail.com> wrote in message
| news:hco4rl$vgs$1@aioe.org...

>> "FromTheRafters" <erra...@nomail.afraid.org> wrote in message
>> news:hco1sh$9ps$1@news.eternal-september.org...
>>> "Bobt" <infore...@gmail.com> wrote in message
>>> news:8f747229-089f-4be9-b591-40fe8f42162f@g23g2000yqh.googlegroups.com...
>>>>I just received an email stating a new virus .. when you click on the
>>>> attached invoice bad things happen. Not sure what type it is ..
>>>> Anyone hear anything about this ..
>>> I vaguely recollect something about some kind of thing similar to
>>> that. Ya know - bad things - invoices...
>>> ...wasn't a virus though...sounds kinda phishy to me.
>> David is right. This (and many variations) have been around for quite
>> some time. Many months in fact...

| Was that one of the PDF exploits?

| ...or the Flash support exploits?

| ...or invoice.exe?

There have been at least 3 or 4 iterations that were trojan payloads.  None were explot
code.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Virus Guy  
View profile  
 More options Nov 2 2009, 11:18 pm
Newsgroups: alt.comp.anti-virus
From: Virus Guy <Vi...@Guy.com>
Date: Mon, 02 Nov 2009 23:18:40 -0500
Local: Mon, Nov 2 2009 11:18 pm
Subject: Re: UPS/FedEx/DHL Delivery failure
Print | Individual message | Show original | Report this message | Find messages by this author

"David H. Lipman" wrote:
> | Was that one of the PDF exploits?

> | ...or the Flash support exploits?

> | ...or invoice.exe?

> There have been at least 3 or 4 iterations that were trojan
> payloads.  None were explot code.

The first instance of a "UPS Delivery problem" e-mail that I got was
6/19/2009.

The first for a "DHL Delivery problem" was 8/16/2009.

I've received a few dozen of them in total so far.

They both contain an attached file (.zip) of between 20 to 30 kb in
size.  When unzipped, the single .EXE payload file is between 35 to 50
kb in size.

The .exe files are identified as Bredolab by some AV apps - and as a
generic trojan by most.

http://www.symantec.com/connect/blogs/trojanbredolab-making-yet-anoth...


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
David H. Lipman  
View profile  
 More options Nov 3 2009, 9:15 am
Newsgroups: alt.comp.anti-virus
From: "David H. Lipman" <DLipman~nosp...@Verizon.Net>
Date: Tue, 3 Nov 2009 09:15:44 -0500
Local: Tues, Nov 3 2009 9:15 am
Subject: Re: UPS/FedEx/DHL Delivery failure
Print | Individual message | Show original | Report this message | Find messages by this author
From: "Virus Guy" <Vi...@Guy.com>

| "David H. Lipman" wrote:

>> | Was that one of the PDF exploits?
>> | ...or the Flash support exploits?
>> | ...or invoice.exe?
>> There have been at least 3 or 4 iterations that were trojan
>> payloads.  None were explot code.

| The first instance of a "UPS Delivery problem" e-mail that I got was
| 6/19/2009.

| The first for a "DHL Delivery problem" was 8/16/2009.

| I've received a few dozen of them in total so far.

| They both contain an attached file (.zip) of between 20 to 30 kb in
| size.  When unzipped, the single .EXE payload file is between 35 to 50
| kb in size.

| The .exe files are identified as Bredolab by some AV apps - and as a
| generic trojan by most.

| http://www.symantec.com/connect/blogs/trojanbredolab-making-yet-anoth...

Yepper !
That's the latest iteration.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
End of messages
« Back to Discussions « Newer topic     Older topic »

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2012 Google