
Newegg Virus...

ITJunkie

Platinum Member
Not sure if anyone has posted this yet but received a receipt for a purchase from Newegg today that was never made. Of course, it had the "receipt" supposedly in pdf form attached to the email. It's a virus as confirmed by Newegg Customer Support.
I have to admit that this is one of the more clever ones...the fvcking b@st@rds!! :|
 
Thanks for the warning. I just got my Newegg "Receipt", for an order that I never placed.

Hopefully, my Exchange Server's AV took care of it. But I think I won't tempt fate by playing with that attachment.

The attachment is called "order_37679041.zip", although the email from "Newegg" says it's a .PDF. It's for a $2500 Sony VAIO computer.
 
Originally posted by: RebateMonger
Thanks for the warning. I just got my Newegg "Receipt", for an order that I never placed.

Hopefully, my Exchange Server's AV took care of it. But I think I won't tempt fate by playing with that attachment.

The attachment is called "order_37679041.zip", although the email from "Newegg" says it's a .PDF. It's for a $2500 Sony VAIO computer.

Something like this?
 
Originally posted by: RebateMonger
Originally posted by: n0cmonkey
Something like this?
Exactly. And I imagine that it WASN'T detected by my Exchange Antivirus, although I use eTrust, which the SANS.ORG note says is able to detect it.

I know...mine didn't catch it either but at least I was able to stop it before anyone did something with it 🙂
 
I've gotten a couple of them, some marked as orders from Circuit City, Newegg, Buy.com, and Overstock?

Virus writers have become smarter.
 
Originally posted by: Parasitic
Virus writers have become smarter.
I recall a couple of emails over the years that tempted me to open them, and turned out to be malware. So far, I've resisted temptation, but some have been pretty clever and I wouldn't call somebody an idiot if he/she opened them up.

The scary thing about some (including this one) is that they've included new varieties of malware that weren't caught by up-to-date AntiVirus programs. You had to wait a day before the AV makers caught up.

This latest one has the following traits:
An ALMOST-literate cover letter. There are a couple of slips, but it's not bad. At least all the words are spelled properly.
An appeal to greed. Everybody likes getting free stuff.
An attachment in .ZIP format, which gets by most email filters.
A claimed .PDF format for the attachment, which most people consider "safe".
A .ZIP format, which is tougher to scan because of the embedded nature of the actual content.
 
Originally posted by: RebateMonger
Originally posted by: Parasitic
Virus writers have become smarter.
I recall a couple of emails over the years that tempted me to open them, and turned out to be malware. So far, I've resisted temptation, but some have been pretty clever and I wouldn't call somebody an idiot if he/she opened them up.

The scary thing about some (including this one) is that they've included new varieties of malware that weren't caught by up-to-date AntiVirus programs. You had to wait a day before the AV makers caught up.

This latest one has the following traits:
An ALMOST-literate cover letter. There are a couple of slips, but it's not bad. At least all the words are spelled properly.
An appeal to greed. Everybody likes getting free stuff.
An attachment in .ZIP format, which gets by most email filters.
A claimed .PDF format for the attachment, which most people consider "safe".
A .ZIP format, which is tougher to scan because of the embedded nature of the actual content.

Is this new malware an actual PDF file that exploits a flaw in the Adobe Reader? Or is it really a disguised executable?
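A check a mail administrator could run on a message like the ones described in this thread (an added example, not part of the original posts): it compares what the body claims with the attachment's magic bytes and lists executable members inside a ZIP. The file names, message text and payload bytes are constructed placeholders, and the extension list is an assumption to tune locally.

```python
import io, os, zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

RISKY_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}  # assumed list

def sniff(data):
    """Classify by magic bytes, ignoring file name and declared type."""
    for magic, kind in ((b"%PDF-", "pdf"), (b"PK\x03\x04", "zip"), (b"MZ", "pe-executable")):
        if data.startswith(magic):
            return kind
    return "unknown"

def triage(raw):
    msg = message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content().lower() if body else ""
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        kind = sniff(data)
        if "pdf" in text and kind != "pdf":  # the body promises a PDF, the bytes disagree
            findings.append(f"{name}: body mentions PDF, content is {kind}")
        if kind != "zip":
            continue
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.flag_bits & 0x1:  # encrypted member: cannot be inspected
                    findings.append(f"{name}: encrypted member {info.filename}")
                    continue
                ext = os.path.splitext(info.filename)[1].lower()
                with zf.open(info) as fh:
                    head = fh.read(8)  # read only the header, never the whole member
                if ext in RISKY_EXT or sniff(head) == "pe-executable":
                    findings.append(f"{name}: archive member {info.filename} is executable")
    return findings

def sample(filename, payload):
    # Constructed message; the text and attachment are made up for the example.
    m = EmailMessage()
    m.set_content("Thank you for your order. Your receipt is attached as a PDF.")
    m.add_attachment(payload, maintype="application", subtype="octet-stream", filename=filename)
    return m.as_bytes()

def fake_zip():
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("receipt.pdf.exe", b"MZ" + b"\x00" * 62)  # inert placeholder bytes
    return buf.getvalue()
```

`triage(sample("order_0000.zip", fake_zip()))` reports both the PDF/ZIP mismatch and the executable member, while a message carrying a real PDF returns no findings.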
 