Blackplague vs Hackers : The UPS Wars

Posted: June 13, 2011 in Uncategorized
Tags: , , , , , , ,
Image representing UPS  as depicted in CrunchBase

Image via CrunchBase

Now to write something completely unrelated to censorship or politics. I’m gonna attack malware for once, because It has effected me to great not too. I have become the target of spammers/hackers lately, all sending me virus infected emails to one of my email addresses. It started right after a serious virus incident on my PC in 2009. Here is the text of an email I got last week apparently from the UPS.

UPS Express Delivery
tracking number # 7428528
Good morning
Parcel notification
The parcel was sent your home adress.
And it will arrive within 5 buisness days.
Moreinformation and the parcel tracking number are attached in document below.Thank you
UPS Express Delivery system (c)
Copyright © 1994-2011 United Parcel Service of America, Inc. All rights reserved.

Emails with a message similar to this have been plaguing my Psychotic Fury (Thrash artist of mine from 2002-2010) official email on yahoo.com for ages… All of them are absolutely not from the real UPS or DHL but are from hackers  from foreign countries that have attachments that they suggest to download and run… Which are all infected with nasty Malware (Computer Virii, etc). Now this is not an uncommon thing… Scammers will actually create super authentic looking UPS themed messages that are actually from a ups.com URL and will trick people into downloading them… After I thought I was being purposely targeted I looked up online the scams involved from the Real UPS website.

What’s surprising is the sheer amount of faked malware infected UPS message I receive on my emails… Here is a screenshot showing all the ones I’ve gotten lately.

It seems the losers keep spamming me every day with this crap, thinking I am stupid enough to open up the attachments.. I am fairly well educated on the way MALWARE works and know that virus laden email attachments are quite common and should NEVER be downloaded or ran.

Now these aren’t all the fake UPS/DHL themed messages that have virus-infected attachments in them. I have also gotten at least 5 others since 2009. It seems I have become a target of spammers or hackers… In case you don’t know, my PC was seriously infected with the VIRUT virus back in ’09, which I got from I don’t know where, and these appeared right after I got the PC back from the reformat necessary to remove the damned turd of a malware.

Virut infects every single program you open in windows, so you get dozens of virut’s at once running, trying to download a trojan that allows VIRUT to infect your windows core files, which are needed to boot properly. My PC filled with music I wrote was lost due to the REFORMAT necessary to clean off the PC after It refused to start.

Now none of these are VIRUT infected but the actual virii/malware included are so bad that you should NEVER open them up. They are very difficult to remove on your own… So it’s best never to even get infected, but with all the people using UPS/DHL to order products online, the chance someone will think their latest online purchase had a problem delivering is great, so therefore in their cases,  running the Virus is likely. To prove that these infections were really bad here are 3 screenshots of the attachments of 3 emails that my Yahoo.com norton email scanners said were clean, scanned at virustotal.com

Now the malware found in the infected attachments is quite severe in the first and second and Absolutely undetectable by any antivirus engine on the market used by virustotal.com in the third example. If anyone ran the infected programs they would be seriously infected and would have to reformat. Most of the malware are serious Trojan Horses and Fake Antivirus malware which are the easiest 2 of the 4 nastiest kind of malware to remove, that makes them brutally hard to remove, the only thing harder are Rootkits and Polymorphic File infectors (Virut/sality/etc). So someone wants my PC to be reinfected after it was screwed up in 2009. No surprise. Who the hell is behind this?

Looking at the email addresses proves that the emails are being sent to many people with similar email names to mine, and looking at the full headers gives me proof of who is sending it. The shitty excuse for hackers don’t know I know how to trace their crappy fake virus sending sites they link to do they?  With WHOIS I can.. I can find out what ISP they are using to spread their malware to infect others.. And here are the results of the IP traces I did on the senders of the 3 attachments I showed the scan results of above…

Notice 2 out of 3 of the ISP’s used to launch malware are the same, “Gold Telecom” from Buenos Aires, Argentina. So the hackers are not  using ISP’s from around here often.. But at least one trace I did came from the US so that isn’t alway true. How corrupt can ISP’s be to allow their clients to set up malware sites on them? I don’t know. But they most be really bad to allow for this stuff without punishment. The hackers are devious and really well schooled in the ways of hiding themselves and their true intentions online.

To prevent infection on your PC, an Antivirus really isn’t enough. You need a good firewall too. Comodo internet security is the best I’ve found. It literally blocks any thing it finds suspicious enough to be malware, doesn’t require a signature to tell if the file blocked is malware, it does it by scanning for it’s actions. It has protected my system many times, so has my free Antivirus, Avira 9. I would not recommend getting any AVG antivirus due to it’s issues with deleting critical system files and the lack of Malware it finds, and it has no real rootkit detection included in it’s free version. Stay the hell away from Norton, Mcaffee, etc. Their bad. Kaspersky is infinitely better, but is not free. Panda is good. But I recommend free antivirus products because, to me they are a lot more thorough.

Advertisements

Comments are closed.