Emails that purport to come from FedEx are highly common and most antivirus solutions are able to easily identify the threats attached to them. However, every once in a while the cybercriminals that launch these campaigns develop a new Trojan variant that’s initially detected only by a handful of security products.
Such is the latest case presented by mxlab. The researchers have found that a parcel delivery failure notification hides a malicious element that, at press time, was identified only by 12 out of 42 vendors as posing a threat.
“We couldn’t deliver your parcel. Reason:The weight of parcel is exceed the available parameters for free delivery,” reads part of the message.
The attachment that comes with it is named something like FedEx_Label_ ID_Order_83-27- 4534US.zip, the archive file containing an executable that’s detected as Kuluoz, Bredo or Dropper, depending on the antivirus product.