Got letter from USPS? It may be PDF malware

Even though some malware attacks are old and rather boring, people still fall for them. One such example is PDF malware, which is expected to be especially visible on Black Friday.

PDF malware gets into the system with a fake document sent by a “legitimate” company, such as a bank or post office. Most users don’t even consider that scammers can attack them through such letters, so they immediately open the attached Adobe .PDF or other file presented as a receipt, ticket or other important document. In addition, such scam letters instruct their victims to open and save the file on the PC so that the file can connect to the server and download additional malware. A clear example of such an attack is a letter sent in the name of USPS (United States Postal Service). Containing some grammar mistakes, the message reads:

Subject: Package is was not able to be delivered please print out the attached label

Hello!

Unfortunately we failed to deliver the postal package you have sent on the 19th of September in time because the recipient’s address is erroneous.

Please print out the shipment label attached and collect the package at our office.

United States Postal Service

Once downloaded and executed on a system, the attached file “USPS report” connects to an IP address and downloads the executable file of the malware called FakeSysDef. In addition, FakeSysDef is expected to download other components onto the compromised PC, update its own copy and even follow the commands of its controller.

It’s highly recommended to avoid opening such emails unless you are sure that you have made transactions with the sender. If you have any doubt, contact the company to make sure that the letter was sent by them. It’s also very important to have updated anti-virus and anti-spyware programs installed to prevent infiltration by such malware. If you think you may have this threat on your machine, run a full system scan. If it’s there, it will be reported as Trojan.Win32.Generic!BT.
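The following Python sketch is an added example, not part of the original article: it checks whether each attachment of a message is really what it is presented as, and whether a genuine PDF carries action-triggering names. The addresses, the `.pdf.exe` extension, the other attachment names and the inert stub bytes are constructed assumptions.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Leading "magic" bytes of a few file types, and PDF names that trigger actions.
MAGIC = {b"%PDF-": "pdf", b"MZ": "windows-executable", b"PK\x03\x04": "zip"}
RISKY_EXT = {"exe", "scr", "pif", "com", "bat", "cmd", "js", "vbs"}
PDF_ACTIVE = (b"/OpenAction", b"/JavaScript", b"/Launch", b"/EmbeddedFile")

def sniff(data):
    """Identify content by its first bytes, ignoring file name and MIME type."""
    return next((kind for magic, kind in MAGIC.items() if data.startswith(magic)), "unknown")

def triage(raw_message):
    """Return {attachment filename: [findings]} for one raw RFC 5322 message."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    report = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        exts = name.lower().split(".")[1:]
        kind = sniff(data)
        findings = []
        if exts and exts[-1] in RISKY_EXT:
            findings.append("executable extension ." + exts[-1])
            if len(exts) > 1:
                findings.append("double extension")
        if "pdf" in exts and kind != "pdf":
            findings.append("presented as PDF but content is " + kind)
        if kind == "pdf":
            findings += ["active PDF feature " + t.decode() for t in PDF_ACTIVE if t in data]
        report[name] = findings
    return report

def build_sample():
    """Constructed message modelled on the USPS letter; attachment bytes are inert stubs."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "sender@example.invalid", "user@example.invalid"
    msg["Subject"] = "Package is was not able to be delivered"
    msg.set_content("Please print out the shipment label attached.")
    stubs = {
        "USPS report.pdf.exe": b"MZ\x90\x00" + b"\x00" * 16,
        "label.pdf": b"%PDF-1.4\n1 0 obj<</OpenAction 2 0 R>>endobj\n2 0 obj<</S/JavaScript>>endobj\n",
        "receipt.pdf": b"%PDF-1.4\n1 0 obj<</Type/Catalog>>endobj\n",
    }
    for filename, data in stubs.items():
        msg.add_attachment(data, maintype="application", subtype="pdf", filename=filename)
    return msg.as_bytes()

if __name__ == "__main__":
    print(triage(build_sample()))
```

Plain substring matching misses PDF names that are hex-escaped or stored in compressed object streams, so an empty findings list is not proof that a PDF is safe.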


  • dhiman

    I too got the virus. But unfortunately I had opened that exe file. First the virus attacked the system, also causing my RAM temperature to go high, then deleted all my start menu shortcuts, hid all my C drive files and disabled my avast antivirus. I searched for some results and downloaded the solo anti virus. After that, in safe mode, I scanned for the virus, found it and removed it. I recommend all the affected users to use solo a.v because others won’t work.
