
Topic: Received an email and have no idea what it is. (Read 1414 times)

legendary
Activity: 2212
Merit: 1199
January 30, 2014, 04:47:42 PM
#18
First off, I've never started a thread in this section before, and pretty sure I haven't posted in it, but now I seek advice as to what the following pertains to.

CAUTION: Don't click that URL unless it's somehow opened safely, for I don't know how to do such, hence seeking info.

Quote
Payment Notification Received !

Username: [email protected]
Password: XXXXXXXXX
Current Balance: 1.XXXXXXXX BTC


It was in the spam folder, hence the concern.

Thank you in advance,

~Bruno Kucinskas

moderator action: made link into an image to prevent accidental copy/pasting and auto-hyperlinking scripts.

Looks like a scam to me.
But Smiley maybe you're 1 btc reacher :"P
member
Activity: 112
Merit: 10
No need to ask this ever again Smiley. If the email is from unknown or even known sources and has links, go directly to the site and log in and see it there.

Delete the email...

problem solved.

No matter how good antivirus, firewall or other protection you have it only takes one stupid user to fuck it all up.


To the rest of us, this is why spam and viruses exist ...stupid users. If everyone deleted spam, spamming would dry up in a month.
hero member
Activity: 868
Merit: 1000
I opened it and it gave me 3 BTC....OMG they are lying to you. open it open it.


 Wink
You owe me a new laptop.

lol Tongue
full member
Activity: 126
Merit: 100
CAUTION: Angry Man with Attitude.
I opened it and it gave me 3 BTC....OMG they are lying to you. open it open it.


 Wink
You owe me a new laptop.
member
Activity: 112
Merit: 10
I opened it and it gave me 3 BTC....OMG they are lying to you. open it open it.


 Wink
hero member
Activity: 546
Merit: 500
I got this same email, of course I didn't click it.
I guess this is why we don't show our emails to the community.
No, 'cause for every one of those emails I get, I get 100 emails to do business Wink

That's an impressive ratio. Mine is more like for every 1 legit email, I get 100 of these phishing/spams.
full member
Activity: 126
Merit: 100
CAUTION: Angry Man with Attitude.
I got this same email, of course I didn't click it.
I guess this is why we don't show our emails to the community.
member
Activity: 64
Merit: 10
Ouch... Happy I googled this first!


Now to hook up a nice, shiny XP VM, shut off the network after the nasty installs... and see what happens! No patches, of course.

I guess I'll post a video of it later too, just for shits. Smiley
full member
Activity: 126
Merit: 100
CAUTION: Angry Man with Attitude.
I opened this on my old virus tester laptop and it's very nasty, now to go reinstall Windows XP.
legendary
Activity: 1498
Merit: 1000
I got this same email of course I didn't click it.
hero member
Activity: 784
Merit: 500
NASTY VIRUS

Did a decompile and analysis in a VM, looks very nasty. Disables UAC, downloads a remote access tool, and even crashes my decompiler due to obfuscation. Obviously very complex but also not too polished, debug statements printing to console remain.

PM me to get details about all of the source and a copy of the decompiled/original files, some of which are not directly accessible. I'll send it in a passworded ZIP, but once I send it to you it's YOUR responsibility not to run it.
member
Activity: 112
Merit: 10
Best policy: never ever open anything or click any link unless you are expecting it and/or know who sent it. Even if it's from someone/some business/some account you know or have and you have doubt, go directly to the website and log in there and delete the email.
legendary
Activity: 1512
Merit: 1036
the link leads to a page with a java applet. very likely a drive-by download page.

edit: confirmed drive-by applet. launches regedit to disable UAC.
Is it able to do this on Java v45? If so, that's what we call zero-day, and it should be captured and sent to Oracle and virus companies.

Java has proved it can never be secure though, in that there has NEVER been a version where your computer couldn't get infected through it just by visiting a web page. Kill with fire.
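
A defender-side sketch of the behaviour reported in this thread (a Java applet launching regedit to disable UAC), added here as an example and not part of any post: it flags process-creation records where a Java runtime process spawns a registry tool. The event fields and sample records are constructed, and `EnableLUA` is the standard UAC policy value, which the thread itself does not name.

```python
import re

# Constructed process-creation records (field names are assumptions, loosely
# modelled on endpoint process-creation logs); none come from the thread.
SAMPLE_EVENTS = [
    {"host": "ws-01", "parent": r"C:\Program Files\Java\jre7\bin\javaw.exe",
     "image": r"C:\Windows\regedit.exe",
     "cmdline": r"regedit.exe /s C:\Users\a\AppData\Local\Temp\x.reg"},
    {"host": "ws-02", "parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\regedit.exe", "cmdline": "regedit.exe"},
    {"host": "ws-03", "parent": r"C:\Program Files\Java\jre7\bin\jp2launcher.exe",
     "image": r"C:\Windows\System32\reg.exe",
     "cmdline": r"reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion"
                r"\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f"},
    {"host": "ws-04", "parent": r"C:\Program Files\Java\jre7\bin\java.exe",
     "image": r"C:\Windows\System32\notepad.exe", "cmdline": "notepad.exe"},
]

JAVA_PARENTS = {"java.exe", "javaw.exe", "jp2launcher.exe"}
REG_TOOLS = {"regedit.exe", "reg.exe"}
UAC_VALUE = re.compile(r"\bEnableLUA\b", re.IGNORECASE)

def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def classify(event):
    """Return None, 'java-spawned-registry-tool' or 'java-disables-uac'."""
    if basename(event["parent"]) not in JAVA_PARENTS:
        return None
    if basename(event["image"]) not in REG_TOOLS:
        return None
    # A silent .reg import hides the value name, so the parent/child pair
    # alone is still reported, at lower confidence.
    if UAC_VALUE.search(event["cmdline"]):
        return "java-disables-uac"
    return "java-spawned-registry-tool"

def detect(events):
    """List (host, verdict) for every record that matches."""
    return [(e["host"], v) for e in events if (v := classify(e))]

if __name__ == "__main__":
    for host, verdict in detect(SAMPLE_EVENTS):
        print(host, verdict)
```
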
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
the link leads to a page with a java applet. very likely a drive-by download page.

edit: confirmed drive-by applet. launches regedit to disable UAC.

Thanks, grue, assuming you disabled the link. I was toying with breaking it up so that it wouldn't work, but for some reason opted to give the warning in red instead.

Seldom do I click links in my email, and this one definitely didn't smell right.

Thanks to all that replied.

~TMIBTCITW
legendary
Activity: 2058
Merit: 1431
the link leads to a page with a java applet. very likely a drive-by download page.

edit: confirmed drive-by applet. launches regedit to disable UAC.
legendary
Activity: 1619
Merit: 1004
Bitcoiner, Crypto-anarchist and Cypherpunk.
First off, I've never started a thread in this section before, and pretty sure I haven't posted in it, but now I seek advice as to what the following pertains to.

CAUTION: Don't click that URL unless it's somehow opened safely, for I don't know how to do such, hence seeking info.

Quote
Payment Notification Received !

Username: [email protected]
Password: XXXXXXXXX
Current Balance: 1.XXXXXXXX BTC
URL : http://www,11verde.com/AdesSnewds

It was in the spam folder, hence the concern.

Thank you in advance,

~Bruno Kucinskas
It's a phishing attempt to get you to click the link Cry

Don't click the link, there is probably a virus at the end of it



So OP, remove the link ^^
full member
Activity: 196
Merit: 100
First off, I've never started a thread in this section before, and pretty sure I haven't posted in it, but now I seek advice as to what the following pertains to.

CAUTION: Don't click that URL unless it's somehow opened safely, for I don't know how to do such, hence seeking info.

Quote
Payment Notification Received !

Username: [email protected]
Password: XXXXXXXXX
Current Balance: 1.XXXXXXXX BTC
URL : http://www,11verde.com/AdesSnewds

It was in the spam folder, hence the concern.

Thank you in advance,

~Bruno Kucinskas
It's a phishing attempt to get you to click the link Cry

Don't click the link, there is probably a virus at the end of it

legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
First off, I've never started a thread in this section before, and pretty sure I haven't posted in it, but now I seek advice as to what the following pertains to.

CAUTION: Don't click that URL unless it's somehow opened safely, for I don't know how to do such, hence seeking info.

Quote
Payment Notification Received !

Username: [email protected]
Password: XXXXXXXXX
Current Balance: 1.XXXXXXXX BTC


It was in the spam folder, hence the concern.

Thank you in advance,

~Bruno Kucinskas

moderator action: made link into an image to prevent accidental copy/pasting and auto-hyperlinking scripts.