Virus Alert – Clare Harding – [email protected] – Carters Packaging Ltd

TGH Featured Image Wordcloud

You may have been receiving a huge amount of email spam this morning from Clare Harding at Carters Packaging Ltd with an invoice attachment called Purchase Order 0000035394.doc

Well, this is a virus and seems to be spreading around the internet like wild fire at the moment, so blacklist this email address:
NOTE: Obviously this is an impersonation attack and has not originated from Carters Packaging Ltd.



You should fully virus scan your machines using whichever anti-virus you have. In some cases, you may have to rebuild computers as this seems to run as a process.

The subject of the email will be similar to this:
Purchase Order 0000035394 customer 09221
A little more information on this virus attack:

Rumoured download locations are:

  • malajsie.webzdarma.cz/45y3f34f/7jh4wqd.exe
  • fa31.linux-hosting.de/45y3f34f/7jh4wqd.exe
  • ankarasogukhavadepo.com/45y3f34f/7jh4wqd.exe
  • selimkaucuk.com/45y3f34f/7jh4wqd.exe

It also looks like it stores its executable file in the %temp% directory with a filename of httsser.exe

It could be generating traffic to this IP below so worth blocking that on your systems too:

221.132.35.56

COMMENTS

If you have been affected by this in anyway, we would like to hear from you so leave us a message below using our Disqus system.



Leave us a message...