6 Replies - 365 Views - Last Post: 15 January 2019 - 04:29 PM

#1 gs465456   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 4
  • Joined: 03-April 17

Getting trojaned Doc on my forum mail address.

Posted 15 January 2019 - 06:40 AM

Hi,

i have got a trojaned MS Doc file on my mail address I only using here.
In my profile the mail address is hidden.

Someone ask for help for a code attached as code.doc containing a trojan.
SHA256: 8221c1d2e2392cefc6d6c7b3ddc136e59420472cf3c0786b0139dfe585344872

So watch out if you get also malware.

Does anyone knows how the sender was able to get my mail address?
Randomly choosen or somehow from here?
As I am using the mail address only here and the mail text talks over source code
it may come from this forum.

Thanks in Advance.

Is This A Good Question/Topic? 0
  • +

Replies To: Getting trojaned Doc on my forum mail address.

#2 modi123_1   User is offline

  • Suitor #2
  • member icon



Reputation: 15168
  • View blog
  • Posts: 60,699
  • Joined: 12-June 08

Re: Getting trojaned Doc on my forum mail address.

Posted 15 January 2019 - 07:40 AM

Odd. What was the subject and body of the email? Did it have a 'from'?
Was This Post Helpful? 0
  • +
  • -

#3 no2pencil   User is offline

  • Professor Snuggly Pants
  • member icon

Reputation: 6800
  • View blog
  • Posts: 31,388
  • Joined: 10-May 07

Re: Getting trojaned Doc on my forum mail address.

Posted 15 January 2019 - 07:59 AM

Can you paste the email headers? Exclude your own email address, please.
Was This Post Helpful? 0
  • +
  • -

#4 gs465456   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 4
  • Joined: 03-April 17

Re: Getting trojaned Doc on my forum mail address.

Posted 15 January 2019 - 11:24 AM

View Postno2pencil, on 15 January 2019 - 02:59 PM, said:

Can you paste the email headers? Exclude your own email address, please.



See https://privatebin.n...bPENxnL8dqKNIk=



Please do not post the containing data here, you can discuss under that link,
because there I can delete any informations for privacy reasons.
IPs, Domains and Mail-Addresses may belong to uninvolved people!!!

Was This Post Helpful? 0
  • +
  • -

#5 no2pencil   User is offline

  • Professor Snuggly Pants
  • member icon

Reputation: 6800
  • View blog
  • Posts: 31,388
  • Joined: 10-May 07

Re: Getting trojaned Doc on my forum mail address.

Posted 15 January 2019 - 01:45 PM

When I first asked, I was under the impression this was your dream in code email. Without knowing (& I don't need to know) the email that you received the email at: it is possible that it's just guessed. All the time people spam generic names at domains. If I'm reading the headers correctly, the receiving email domain which is not 'code' related, received an email about code. As you only have 3 posts on dream in code, & two of those are here, I find it very unlikely someone grabbed your email from dream in code, in order to spam to it. Two additional items, the email headers show a virus scan, that marked the attachment as clean. Also the sender domain reports to have no spf records, that should have been reason enough to spam the email.
Was This Post Helpful? 0
  • +
  • -

#6 Martyr2   User is offline

  • Programming Theoretician
  • member icon

Reputation: 5434
  • View blog
  • Posts: 14,368
  • Joined: 18-April 07

Re: Getting trojaned Doc on my forum mail address.

Posted 15 January 2019 - 03:33 PM

Here is a simple plain fact... your email address can always be found out by others. This is because it travels in a relatively insecure world of servers. Sure you can use TLS/SSL etc but this doesn't always guarantee that email is secure the entire way across the Internet. Do remember messages are routed (like all Internet data) through a plethora of servers. Just because you don't tell anyone about it or use it on one server NEVER guarantees that it won't be exposed somewhere. This may also not be the fault of the user, their provider or even a website like DIC.

I wouldn't worry too much about it. Just have virus scanning on and up-to-date. :)
Was This Post Helpful? 0
  • +
  • -

#7 gs465456   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 4
  • Joined: 03-April 17

Re: Getting trojaned Doc on my forum mail address.

Posted 15 January 2019 - 04:29 PM

Thanks a lot of checking it.

It is one of my single-use addresses (trash-mail like) and my thunderbird has only found legitimate incomming mails by dreamincode.

Maybe this was a hit by a generic name generator.

Or I have used it anywhere by fault.

Thanks again for the fast reaction :^:/>

This topic can be closed.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1