Invoice from CoinTerra?

[gamefixer]

Two weeks in a row I've received an invoice from them but I've NEVER ordered anything from them. Odd thing too is that the invoice is a .jar which makes me suspect the file to be some sort of trojan or virus.

Anyone else getting these?

[LiteCoinGuy]

"makes me suspect the file to be some sort of trojan or virus."

never recieved such a mail but you can be sure:

it is a virus. 

[cozk]

lol OPEN IT !!!!11

/sarcasm

[Kayex]

Don't bother opening the link.
They can grab your IP.
Just delete the message and move forward with your life.

[juju]

Two weeks in a row I've received an invoice from them but I've NEVER ordered anything from them. Odd thing too is that the invoice is a .jar which makes me suspect the file to be some sort of trojan or virus.

Anyone else getting these?

Yeah that was almost certainly a virus, that is a common method to send someone a jar file, some people might not understand the executablity of the .jar file-type and just double click it. (Only if Java is installed and the paths are set correctly) If you have any other details it might be helpful for other users, don't bother posting the jar here.

[gamefixer]

It all looks fairly legit (the body of the email anyway) and if the return email is a spoof from the surface it looks like its going to cointerra.com.



I'm on a Mac and I dont think I've got anything Java installed but I'm still not clicking on it.

[juju]

It all looks fairly legit (the body of the email anyway) and if the return email is a spoof from the surface it looks like its going to cointerra.com.

I'm on a Mac and I dont think I've got anything Java installed but I'm still not clicking on it.

I know around 2012 Mac dropped Java being included on the machine by default: http://www.reuters.com/article/2012/10/19/us-apple-java-idUSBRE89I1A920121019

If you opened your terminal on the mac and typed:
which java

If that returns no path then your cool.

[gamefixer]

no java installed here.

[gamefixer]

lol OPEN IT !!!!11

/sarcasm

Thought about opening it on a rig that I test hardware on. If I fry the OS I've got an image I use to restore it from.

Of course I'd disconnect the machine from the network after I saved the .jar file... A guy I know recently had a friend get the cryptolocker virus... Wouldn't want that sort of thing to spread around my office.

[wasserman99]

It all looks fairly legit (the body of the email anyway) and if the return email is a spoof from the surface it looks like its going to cointerra.com.



I'm on a Mac and I dont think I've got anything Java installed but I'm still not clicking on it.

There is no way anything bad could happen if you were to open that (sarcasm). Someone likely got your email from some leaked list of emails that are associated somewhat with bitcoin. If you ignore it and/or report it as spam and/or delete it then you will likely stop receiving attacks via email.

[gamefixer]

There is no way anything bad could happen if you were to open that (sarcasm). Someone likely got your email from some leaked list of emails that are associated somewhat with bitcoin. If you ignore it and/or report it as spam and/or delete it then you will likely stop receiving attacks via email.

I'm just going to delete them when I get them.

[gamefixer]

FWIW, I did send CoinTerra some emails last year. They could very well have been hacked....

[frankenmint]

Seriously though a Jar attachment?


I'm going to guess that this is targeting mobile users to empty their wallets.

[matt4054]

Two weeks in a row I've received an invoice from them but I've NEVER ordered anything from them. Odd thing too is that the invoice is a .jar which makes me suspect the file to be some sort of trojan or virus.

Anyone else getting these?

Did you register an account at Bitmine.ch by any chance? Not even talking about an order, just an account i.e. registered e-mail address

See this thread

[gamefixer]

Seriously though a Jar attachment?


I'm going to guess that this is targeting mobile users to empty their wallets.

Yup, .jar attachment.

I bet if one were to click on it and had Java installed it would install something bad. Theres no way in hell its legit.

[frankenmint]

I would only open it in a previewed mode on my web based email - not on a local email client and only if it was a pdf file - nothing else. Not even HTML nor a Word doc nor ppt.

edit - and also I was expecting it from them.  I wouldn't even bother opening it if it was just solicited to me.

[RKZ72]

Yeah anything which is a .jar extension is a virus of some sort.

[gamefixer]

Two weeks in a row I've received an invoice from them but I've NEVER ordered anything from them. Odd thing too is that the invoice is a .jar which makes me suspect the file to be some sort of trojan or virus.

Anyone else getting these?

Did you register an account at Bitmine.ch by any chance? Not even talking about an order, just an account i.e. registered e-mail address

See this thread

As a matter of fact I do have an account with bitmine.ch although I dont know why I set it up??? I never bought anything from them.

[matt4054]

Did you register an account at Bitmine.ch by any chance? Not even talking about an order, just an account i.e. registered e-mail address

See this thread

As a matter of fact I do have an account with bitmine.ch although I dont know why I set it up??? I never bought anything from them.

I highly suspect that registered user accounts have been leaked, for the reasons stated in the thread linked above.

I have no proof but many hints that make me believe so, and your answer is yet another one

[Rannasha]

Seriously though a Jar attachment?


I'm going to guess that this is targeting mobile users to empty their wallets.

It's targeting regular desktop/laptop users. Mobile phones can't run straight up jar files. Even though Android apps are Java-based, there's some additional steps involved to make Java code into something that can run on an Android smartphone. WP and iOS can't run the .jar either.