Estimated reading time: 2 minutes
You may have been receiving a huge amount of email spam this morning from Clare Harding at Carters Packaging Ltd with an invoice attachment called Purchase Order 0000035394.doc
Well, this is a virus and seems to be spreading around the internet like wild fire at the moment, so blacklist this email address:
purchasing@carterspackaging.com
NOTE
Obviously this is an impersonation attack and has not originated from Carters Packaging Ltd.
You should fully virus scan your machines using whichever anti-virus you have. In some cases, you may have to rebuild computers as this seems to run as a process.
The subject of the email will be similar to this:
Purchase Order 0000035394 customer 09221
A little more information on this virus attack
Rumoured download locations are:
- malajsie.webzdarma.cz/45y3f34f/7jh4wqd.exe
- fa31.linux-hosting.de/45y3f34f/7jh4wqd.exe
- ankarasogukhavadepo.com/45y3f34f/7jh4wqd.exe
- selimkaucuk.com/45y3f34f/7jh4wqd.exe
It also looks like it stores its executable file in the %temp% directory with a filename of httsser.exe
It could be generating traffic to this IP below so worth blocking that on your systems too:
221.132.35.56
COMMENTS
If you have been affected by this in anyway, we would like to hear from you so leave us a message below using our comments system.
Share this content:
