gamefixer (OP)
|
|
August 18, 2014, 09:26:10 PM |
|
Two weeks in a row I've received an invoice from them but I've NEVER ordered anything from them. Odd thing too is that the invoice is a .jar which makes me suspect the file to be some sort of trojan or virus.
Anyone else getting these?
|
|
|
|
LiteCoinGuy
Legendary
Offline
Activity: 1148
Merit: 1014
In Satoshi I Trust
|
|
August 18, 2014, 09:32:32 PM |
|
"makes me suspect the file to be some sort of trojan or virus."never recieved such a mail but you can be sure: it is a virus.
|
|
|
|
cozk
|
|
August 18, 2014, 09:33:00 PM |
|
lol OPEN IT !!!!11
/sarcasm
|
|
|
|
Kayex
Member
Offline
Activity: 84
Merit: 10
|
|
August 18, 2014, 09:33:54 PM |
|
Don't bother opening the link. They can grab your IP. Just delete the message and move forward with your life.
|
|
|
|
juju
|
|
August 18, 2014, 09:34:09 PM |
|
Two weeks in a row I've received an invoice from them but I've NEVER ordered anything from them. Odd thing too is that the invoice is a .jar which makes me suspect the file to be some sort of trojan or virus.
Anyone else getting these?
Yeah that was almost certainly a virus, that is a common method to send someone a jar file, some people might not understand the executablity of the .jar file-type and just double click it. (Only if Java is installed and the paths are set correctly) If you have any other details it might be helpful for other users, don't bother posting the jar here.
|
|
|
|
gamefixer (OP)
|
|
August 18, 2014, 09:42:09 PM |
|
It all looks fairly legit (the body of the email anyway) and if the return email is a spoof from the surface it looks like its going to cointerra.com. I'm on a Mac and I dont think I've got anything Java installed but I'm still not clicking on it.
|
|
|
|
juju
|
|
August 18, 2014, 09:45:27 PM |
|
It all looks fairly legit (the body of the email anyway) and if the return email is a spoof from the surface it looks like its going to cointerra.com.
I'm on a Mac and I dont think I've got anything Java installed but I'm still not clicking on it.
I know around 2012 Mac dropped Java being included on the machine by default: http://www.reuters.com/article/2012/10/19/us-apple-java-idUSBRE89I1A920121019If you opened your terminal on the mac and typed: which java If that returns no path then your cool.
|
|
|
|
gamefixer (OP)
|
|
August 18, 2014, 09:53:05 PM |
|
no java installed here.
|
|
|
|
gamefixer (OP)
|
|
August 18, 2014, 09:55:52 PM |
|
lol OPEN IT !!!!11
/sarcasm
Thought about opening it on a rig that I test hardware on. If I fry the OS I've got an image I use to restore it from. Of course I'd disconnect the machine from the network after I saved the .jar file... A guy I know recently had a friend get the cryptolocker virus... Wouldn't want that sort of thing to spread around my office.
|
|
|
|
wasserman99
|
|
August 19, 2014, 01:56:03 AM |
|
It all looks fairly legit (the body of the email anyway) and if the return email is a spoof from the surface it looks like its going to cointerra.com. I'm on a Mac and I dont think I've got anything Java installed but I'm still not clicking on it. There is no way anything bad could happen if you were to open that (sarcasm). Someone likely got your email from some leaked list of emails that are associated somewhat with bitcoin. If you ignore it and/or report it as spam and/or delete it then you will likely stop receiving attacks via email.
|
|
|
|
gamefixer (OP)
|
|
August 19, 2014, 02:18:42 AM |
|
There is no way anything bad could happen if you were to open that (sarcasm). Someone likely got your email from some leaked list of emails that are associated somewhat with bitcoin. If you ignore it and/or report it as spam and/or delete it then you will likely stop receiving attacks via email.
I'm just going to delete them when I get them.
|
|
|
|
gamefixer (OP)
|
|
August 19, 2014, 02:22:37 AM |
|
FWIW, I did send CoinTerra some emails last year. They could very well have been hacked....
|
|
|
|
frankenmint
Legendary
Offline
Activity: 1456
Merit: 1018
HoneybadgerOfMoney.com Weed4bitcoin.com
|
|
August 19, 2014, 02:23:56 AM |
|
Seriously though a Jar attachment?
I'm going to guess that this is targeting mobile users to empty their wallets.
|
|
|
|
matt4054
Legendary
Offline
Activity: 1946
Merit: 1035
|
|
August 19, 2014, 02:24:04 AM |
|
Two weeks in a row I've received an invoice from them but I've NEVER ordered anything from them. Odd thing too is that the invoice is a .jar which makes me suspect the file to be some sort of trojan or virus.
Anyone else getting these?
Did you register an account at Bitmine.ch by any chance? Not even talking about an order, just an account i.e. registered e-mail address See this thread
|
|
|
|
gamefixer (OP)
|
|
August 19, 2014, 02:26:18 AM |
|
Seriously though a Jar attachment?
I'm going to guess that this is targeting mobile users to empty their wallets.
Yup, .jar attachment. I bet if one were to click on it and had Java installed it would install something bad. Theres no way in hell its legit.
|
|
|
|
frankenmint
Legendary
Offline
Activity: 1456
Merit: 1018
HoneybadgerOfMoney.com Weed4bitcoin.com
|
|
August 19, 2014, 02:29:14 AM |
|
I would only open it in a previewed mode on my web based email - not on a local email client and only if it was a pdf file - nothing else. Not even HTML nor a Word doc nor ppt.
edit - and also I was expecting it from them. I wouldn't even bother opening it if it was just solicited to me.
|
|
|
|
RKZ72
Newbie
Offline
Activity: 15
Merit: 0
|
|
August 19, 2014, 02:29:23 AM |
|
Yeah anything which is a .jar extension is a virus of some sort.
|
|
|
|
gamefixer (OP)
|
|
August 19, 2014, 02:37:12 AM |
|
Two weeks in a row I've received an invoice from them but I've NEVER ordered anything from them. Odd thing too is that the invoice is a .jar which makes me suspect the file to be some sort of trojan or virus.
Anyone else getting these?
Did you register an account at Bitmine.ch by any chance? Not even talking about an order, just an account i.e. registered e-mail address See this threadAs a matter of fact I do have an account with bitmine.ch although I dont know why I set it up??? I never bought anything from them.
|
|
|
|
matt4054
Legendary
Offline
Activity: 1946
Merit: 1035
|
|
August 19, 2014, 02:51:54 AM |
|
Did you register an account at Bitmine.ch by any chance? Not even talking about an order, just an account i.e. registered e-mail address See this threadAs a matter of fact I do have an account with bitmine.ch although I dont know why I set it up??? I never bought anything from them. I highly suspect that registered user accounts have been leaked, for the reasons stated in the thread linked above. I have no proof but many hints that make me believe so, and your answer is yet another one
|
|
|
|
Rannasha
|
|
August 19, 2014, 06:04:29 AM |
|
Seriously though a Jar attachment?
I'm going to guess that this is targeting mobile users to empty their wallets.
It's targeting regular desktop/laptop users. Mobile phones can't run straight up jar files. Even though Android apps are Java-based, there's some additional steps involved to make Java code into something that can run on an Android smartphone. WP and iOS can't run the .jar either.
|
|
|
|
|