Bitcoin Forum>Economy>Marketplace>Service Discussion
Author

Topic: New Virus/Malware! (Read 1890 times)

phantomcircuit
sr. member
Activity: 463
Merit: 252
New Virus/Malware!
September 14, 2014, 09:10:23 PM
#9
Quote from: xcapator on September 13, 2014, 10:07:12 PM
Jar files should have been blocked and
Quote from: handmade in CTA on September 13, 2014, 03:28:38 AM
One more... Smiley This bastards never stops.

Dear Users

we make program Google Authenticator security For Cloud Hashing .

you need to setup the program in computer then make Google Code

we attach Google Authenticator Program

Sincerely,

Cloud Hashing

[email protected]

Google Authenticator.jar

I also got an email that appeared to be sent from Cloudhashing :

Quote
Subject: Invoice 764
Date: Wed, 10 Sep 2014 02:19:01 +1100
From: CloudHashing <[email protected]>

Invoice Payment Confirmation

Kind regards

Mobile: +1 (510) 973-1050
Phone: +1 (530) cloudhashing
Fax: +1 (510) 573-2760
Technology IQ Ltd. 11130 Jollyville Rd. Ste. 304 Austin TX 78759

The email contained a so-called invoice payment confirmation (Invoice_764.jar) as an attachment. I immediately deleted the email before my system getting infected


If you check the headers you'll find that the email was sent from smtp.com.

The email does NOT come from cloudhashing.

Please forward the email with a complaint to [email protected]
giveBTCpls
sr. member
Activity: 322
Merit: 250
Re: New Virus/Malware!
September 14, 2014, 06:05:28 PM
#8
I always double check the email addreses for something suspicious, but this one seems pretty well done. In any case, I would contact the original source about them sending jar files with executables first... suspicious.
xcapator
sr. member
Activity: 322
Merit: 252
Here I Am !!
Re: New Virus/Malware!
September 13, 2014, 10:07:12 PM
#7
Jar files should have been blocked and
Quote from: handmade in CTA on September 13, 2014, 03:28:38 AM
One more... Smiley This bastards never stops.

Dear Users

we make program Google Authenticator security For Cloud Hashing .

you need to setup the program in computer then make Google Code

we attach Google Authenticator Program

Sincerely,

Cloud Hashing

[email protected]

Google Authenticator.jar

I also got an email that appeared to be sent from Cloudhashing :

Quote
Subject: Invoice 764
Date: Wed, 10 Sep 2014 02:19:01 +1100
From: CloudHashing <[email protected]>

Invoice Payment Confirmation

Kind regards

Mobile: +1 (510) 973-1050
Phone: +1 (530) cloudhashing
Fax: +1 (510) 573-2760
Technology IQ Ltd. 11130 Jollyville Rd. Ste. 304 Austin TX 78759

The email contained a so-called invoice payment confirmation (Invoice_764.jar) as an attachment. I immediately deleted the email before my system getting infected
handmade in CTA
newbie
Activity: 6
Merit: 0
Re: New Virus/Malware!
September 13, 2014, 03:28:38 AM
#6
One more... Smiley This bastards never stops.

Dear Users

we make program Google Authenticator security For Cloud Hashing .

you need to setup the program in computer then make Google Code

we attach Google Authenticator Program

Sincerely,

Cloud Hashing

[email protected]

Google Authenticator.jar
Xiaoxiao
legendary
Activity: 1274
Merit: 1000
The Golden Rule Rules
Re: New Virus/Malware!
September 12, 2014, 01:52:43 AM
#5
Quote from: handmade in CTA on September 11, 2014, 07:15:07 AM
If you receive an bogus email from CoinTerra with an attachament (.jar) do not open. Its a bogus email with a virus. CoinTerra do not send emails like this.


Invoice Payment Confirmation

Kind regards

Mobile: +1 (410) 963-0061
Phone: +1 (430) 487-5488
Fax: +1 (410) 543-1761

Invoice_9985.jar

cointerra Technology IQ Ltd.1140 Jollyville Rd. Ste. 354 Austin TX 78659



This happend to me in fact.  Since I was with gmail, gmail even offered to open the file within gmail.  similar to how you can open pdf's and other documents by gmail without having to download 1st.
arieq
sr. member
Activity: 364
Merit: 256
Re: New Virus/Malware!
September 11, 2014, 09:49:15 PM
#4
I got an email titled "OKCoin Invoice" today with the same malware (jar file) attached. It seems the malware is being widely spread.

More information can be found here www.reddit.com/r/ReverseEngineering/comments/2291z8/how_badly_did_i_get_owned/
Jamie_Boulder
sr. member
Activity: 378
Merit: 250
Re: New Virus/Malware!
September 11, 2014, 08:43:40 AM
#3
There's also one for Robyn Williams "tribute video" going around, just a FYI
MTJ151
full member
Activity: 221
Merit: 100
Re: New Virus/Malware!
September 11, 2014, 07:35:53 AM
#2
I believe that I received this e-mail a few weeks ago. Although it was from a different random company.

The .jar file contained an exe which I did not dare to click/extract.
handmade in CTA
newbie
Activity: 6
Merit: 0
Re: New Virus/Malware!
September 11, 2014, 07:15:07 AM
#1
If you receive an bogus email from CoinTerra with an attachament (.jar) do not open. Its a bogus email with a virus. CoinTerra do not send emails like this.


Invoice Payment Confirmation

Kind regards

Mobile: +1 (410) 963-0061
Phone: +1 (430) 487-5488
Fax: +1 (410) 543-1761

Invoice_9985.jar

cointerra Technology IQ Ltd.1140 Jollyville Rd. Ste. 354 Austin TX 78659

Bitcoin Forum>Economy>Marketplace>Service Discussion
Jump to: