Bitcoin Forum
June 25, 2024, 11:31:45 AM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Invoice from CoinTerra?  (Read 2933 times)
gamefixer (OP)
Sr. Member
****
Offline Offline

Activity: 440
Merit: 250


View Profile
August 18, 2014, 09:26:10 PM
 #1

Two weeks in a row I've received an invoice from them but I've NEVER ordered anything from them. Odd thing too is that the invoice is a .jar which makes me suspect the file to be some sort of trojan or virus.

Anyone else getting these?
LiteCoinGuy
Legendary
*
Offline Offline

Activity: 1148
Merit: 1011


In Satoshi I Trust


View Profile WWW
August 18, 2014, 09:32:32 PM
 #2

"makes me suspect the file to be some sort of trojan or virus."

never recieved such a mail but you can be sure:

it is a virus.  Wink

cozk
Hero Member
*****
Offline Offline

Activity: 812
Merit: 500



View Profile
August 18, 2014, 09:33:00 PM
 #3

lol OPEN IT !!!!11

/sarcasm
Kayex
Member
**
Offline Offline

Activity: 84
Merit: 10


View Profile
August 18, 2014, 09:33:54 PM
 #4

Don't bother opening the link.
They can grab your IP.
Just delete the message and move forward with your life.

juju
Sr. Member
****
Offline Offline

Activity: 381
Merit: 250



View Profile
August 18, 2014, 09:34:09 PM
 #5

Two weeks in a row I've received an invoice from them but I've NEVER ordered anything from them. Odd thing too is that the invoice is a .jar which makes me suspect the file to be some sort of trojan or virus.

Anyone else getting these?

Yeah that was almost certainly a virus, that is a common method to send someone a jar file, some people might not understand the executablity of the .jar file-type and just double click it. (Only if Java is installed and the paths are set correctly) If you have any other details it might be helpful for other users, don't bother posting the jar here.
gamefixer (OP)
Sr. Member
****
Offline Offline

Activity: 440
Merit: 250


View Profile
August 18, 2014, 09:42:09 PM
 #6

It all looks fairly legit (the body of the email anyway) and if the return email is a spoof from the surface it looks like its going to cointerra.com.



I'm on a Mac and I dont think I've got anything Java installed but I'm still not clicking on it.
juju
Sr. Member
****
Offline Offline

Activity: 381
Merit: 250



View Profile
August 18, 2014, 09:45:27 PM
 #7

It all looks fairly legit (the body of the email anyway) and if the return email is a spoof from the surface it looks like its going to cointerra.com.

I'm on a Mac and I dont think I've got anything Java installed but I'm still not clicking on it.

I know around 2012 Mac dropped Java being included on the machine by default: http://www.reuters.com/article/2012/10/19/us-apple-java-idUSBRE89I1A920121019

If you opened your terminal on the mac and typed:
which java

If that returns no path then your cool.
gamefixer (OP)
Sr. Member
****
Offline Offline

Activity: 440
Merit: 250


View Profile
August 18, 2014, 09:53:05 PM
 #8

no java installed here.
gamefixer (OP)
Sr. Member
****
Offline Offline

Activity: 440
Merit: 250


View Profile
August 18, 2014, 09:55:52 PM
 #9

lol OPEN IT !!!!11

/sarcasm

Thought about opening it on a rig that I test hardware on. If I fry the OS I've got an image I use to restore it from.

Of course I'd disconnect the machine from the network after I saved the .jar file... A guy I know recently had a friend get the cryptolocker virus... Wouldn't want that sort of thing to spread around my office.
wasserman99
Sr. Member
****
Offline Offline

Activity: 476
Merit: 250



View Profile
August 19, 2014, 01:56:03 AM
 #10

It all looks fairly legit (the body of the email anyway) and if the return email is a spoof from the surface it looks like its going to cointerra.com.



I'm on a Mac and I dont think I've got anything Java installed but I'm still not clicking on it.
There is no way anything bad could happen if you were to open that (sarcasm). Someone likely got your email from some leaked list of emails that are associated somewhat with bitcoin. If you ignore it and/or report it as spam and/or delete it then you will likely stop receiving attacks via email.

gamefixer (OP)
Sr. Member
****
Offline Offline

Activity: 440
Merit: 250


View Profile
August 19, 2014, 02:18:42 AM
 #11

There is no way anything bad could happen if you were to open that (sarcasm). Someone likely got your email from some leaked list of emails that are associated somewhat with bitcoin. If you ignore it and/or report it as spam and/or delete it then you will likely stop receiving attacks via email.

I'm just going to delete them when I get them.
gamefixer (OP)
Sr. Member
****
Offline Offline

Activity: 440
Merit: 250


View Profile
August 19, 2014, 02:22:37 AM
 #12

FWIW, I did send CoinTerra some emails last year. They could very well have been hacked....
frankenmint
Legendary
*
Offline Offline

Activity: 1456
Merit: 1018


HoneybadgerOfMoney.com Weed4bitcoin.com


View Profile WWW
August 19, 2014, 02:23:56 AM
 #13

Seriously though a Jar attachment?


I'm going to guess that this is targeting mobile users to empty their wallets.

matt4054
Legendary
*
Offline Offline

Activity: 1946
Merit: 1035



View Profile
August 19, 2014, 02:24:04 AM
 #14

Two weeks in a row I've received an invoice from them but I've NEVER ordered anything from them. Odd thing too is that the invoice is a .jar which makes me suspect the file to be some sort of trojan or virus.

Anyone else getting these?

Did you register an account at Bitmine.ch by any chance? Not even talking about an order, just an account i.e. registered e-mail address

See this thread
gamefixer (OP)
Sr. Member
****
Offline Offline

Activity: 440
Merit: 250


View Profile
August 19, 2014, 02:26:18 AM
 #15

Seriously though a Jar attachment?


I'm going to guess that this is targeting mobile users to empty their wallets.


Yup, .jar attachment.

I bet if one were to click on it and had Java installed it would install something bad. Theres no way in hell its legit.
frankenmint
Legendary
*
Offline Offline

Activity: 1456
Merit: 1018


HoneybadgerOfMoney.com Weed4bitcoin.com


View Profile WWW
August 19, 2014, 02:29:14 AM
 #16

I would only open it in a previewed mode on my web based email - not on a local email client and only if it was a pdf file - nothing else. Not even HTML nor a Word doc nor ppt.

edit - and also I was expecting it from them.  I wouldn't even bother opening it if it was just solicited to me.

RKZ72
Newbie
*
Offline Offline

Activity: 15
Merit: 0


View Profile
August 19, 2014, 02:29:23 AM
 #17

Yeah anything which is a .jar extension is a virus of some sort.
gamefixer (OP)
Sr. Member
****
Offline Offline

Activity: 440
Merit: 250


View Profile
August 19, 2014, 02:37:12 AM
 #18

Two weeks in a row I've received an invoice from them but I've NEVER ordered anything from them. Odd thing too is that the invoice is a .jar which makes me suspect the file to be some sort of trojan or virus.

Anyone else getting these?

Did you register an account at Bitmine.ch by any chance? Not even talking about an order, just an account i.e. registered e-mail address

See this thread

As a matter of fact I do have an account with bitmine.ch although I dont know why I set it up??? I never bought anything from them.
matt4054
Legendary
*
Offline Offline

Activity: 1946
Merit: 1035



View Profile
August 19, 2014, 02:51:54 AM
 #19

Did you register an account at Bitmine.ch by any chance? Not even talking about an order, just an account i.e. registered e-mail address

See this thread

As a matter of fact I do have an account with bitmine.ch although I dont know why I set it up??? I never bought anything from them.

I highly suspect that registered user accounts have been leaked, for the reasons stated in the thread linked above.

I have no proof but many hints that make me believe so, and your answer is yet another one Undecided
Rannasha
Hero Member
*****
Offline Offline

Activity: 728
Merit: 500


View Profile
August 19, 2014, 06:04:29 AM
 #20

Seriously though a Jar attachment?


I'm going to guess that this is targeting mobile users to empty their wallets.


It's targeting regular desktop/laptop users. Mobile phones can't run straight up jar files. Even though Android apps are Java-based, there's some additional steps involved to make Java code into something that can run on an Android smartphone. WP and iOS can't run the .jar either.
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!