Comments on: New Bredolab trojan variants in DHL and UPS tracking emails

By: Porter Cable Parts

Porter Cable Parts — Sat, 06 Mar 2010 22:20:41 +0000

I got the same email today its much worse with google mail i think now

By: Bernie

Bernie — Fri, 05 Mar 2010 18:18:41 +0000

Looks like I’ve just received a variant:
its attachment is “UPS-invoice-2756.zip”
it was sent in a spam mail from a server with IP 123.235.226.7 which is registered for “China Unicom Shandong Province Network”

By: Loostra

Loostra — Thu, 04 Feb 2010 01:11:53 +0000

Nice find, I have fixed mine thanks to these guys:
http://support.bicestercomputers.co.uk/showthread.php?t=18&page=19

By: amber

amber — Fri, 29 Jan 2010 03:53:07 +0000

I received 3 of these emails, 1 was the DHL and the other two the UPS I also wonder how one of them ended up in my email as i was not the recipient. Luckily Norton anti virus picked it up before it had a chance to do any damage! PHEW!!

By: Paul Smith

Paul Smith — Thu, 28 Jan 2010 13:51:07 +0000

I have also got that same e-mail. Fortunately it was detected by Antivirus. Thanks for the info.

By: Guy

Guy — Sat, 23 Jan 2010 06:34:32 +0000

23 january 2010- I got that same email saying it was from DHL posting services. Norton Antivirus detected it in my Yahoo mail . It seems to bee very recent; i didn,t found a lot on internet about it at this time… Thanks for this post, with all these informations!!!

By: wok3

wok3 — Fri, 22 Jan 2010 01:12:30 +0000

I got the same mail 2 days ago (19 jan 2010).

My antivirus didn’t said anything but WinZIp popped up an alert saying that the file was not an archive or that it was corrupted and you should download it again (yeah sure!!) , so i haven’t even seen the .exe file INSIDE the .zip file.

Even though i’d like to know if there’s a version of this email/virus in wich you don’t even need to run the .exe compressed into the .zip file but through some sort of exploit get folled by the “couldn’t open file” by WinZIp and still be infected.

Sophos antivirus detected the virus inside the .zip file but after deleting it it didn’t found it anywhere else.

Anyone has info about this?

thanks, wok3

By: Dhaval Malte

Dhaval Malte — Thu, 21 Jan 2010 15:19:58 +0000

I got same mail today. Even I wonder how did that mail land in my mailbox, when the ID given is not mine.

Any ways my Microsoft Security Essentials caught it even before I could open that attachment.

By: Jayne

Jayne — Thu, 21 Jan 2010 08:34:37 +0000

i have received an e-mail this morning from dhl regarding this…tried to open it but it wouldnt let me…hope ive not done aything to my computer. the emial address they used for me wasnt mine but it managed to reach my computer. dont know how to get rid of this. anyone help please