
Beware of .JAR Java Archive Virus Email Message Attachments

2018-08-21T06:49:11

Online users, do not open email attachments whose file names end with ".jar". Cybercriminals are sending fake emails to potential victims with a malicious Java archive (.jar) file attached. The fake emails carry a deceptive message that instructs the recipients to open the attached file. Any attempt to open the attached malicious ".jar" file will result in the recipient's computer being infected with a virus, spyware, ransomware or other malware. Therefore, online users are asked not to open email attachments with names ending in ".jar", even if the email messages appear to have been sent by someone they know or by a legitimate organization.

A Sample of an Email with a Malicious “.jar” File Attached

"SCAN COPY PDF...1001.jar"

The malicious attachment (.jar) contains malware called “Backdoor:Java/Adwind”, which installs a malicious component on your computer and opens a backdoor on it. Once the backdoor is open, the cybercriminals behind the malicious email message will be able to access your computer silently, infect it with other malware, steal your information, and may use your computer to commit other cybercrimes that will be traced back to it. If this should happen to you, do not be surprised if one day you see the police at your doorstep with a warrant to search your home and confiscate your computer, because online criminal activities that you know nothing about were traced back to your location and computer.

Most antivirus software will detect and remove the malicious attachment before it infects your computer. But the smart thing to do is to delete the email message.

Online users who have received the fake email messages and have been tricked into opening the malicious “.jar” attachment are asked to do a full scan of their computers with their antivirus software.
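For mail administrators, the rule above can be enforced before a message reaches the inbox. The following is an added example, not part of the original article: it flags attachments whose names end in ".jar" (including decoy double extensions such as "FOB.pdf.jar") and goes one step beyond the name rule by checking whether the attachment is a JAR by content. The function names, reason labels and decoy list are assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

DECOYS = {"pdf", "jpg", "jpeg", "png", "doc", "docx", "xls", "xlsx", "txt"}  # assumed list

def zip_members(data: bytes) -> list[str]:
    """Lower-cased member names if data is a ZIP archive (a JAR is one), else []."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [n.lower() for n in zf.namelist()]  # names only, nothing extracted
    except zipfile.BadZipFile:
        return []

def check_attachment(filename: str, data: bytes) -> list[str]:
    """Reasons to quarantine an attachment; an empty list means none found."""
    reasons = []
    parts = "".join(filename.split()).lower().split(".")  # tolerates "New Order. jar"
    if parts[-1] == "jar":
        reasons.append("jar-extension")
        if len(parts) >= 3 and parts[-2] in DECOYS:
            reasons.append("decoy-double-extension")
    members = zip_members(data)
    if any(m == "meta-inf/manifest.mf" or m.endswith(".class") for m in members):
        reasons.append("jar-content")  # a JAR renamed to hide its type
    return reasons

def scan_message(raw: bytes) -> dict[str, list[str]]:
    """Map each flagged attachment name in a raw message to its reasons."""
    msg = message_from_bytes(raw, policy=policy.default)
    flagged = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        reasons = check_attachment(name, part.get_payload(decode=True) or b"")
        if reasons:
            flagged[name] = reasons
    return flagged

def build_sample() -> bytes:
    """Constructed message: a harmless manifest-only JAR under two names, plus plain bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\r\n")
    msg = EmailMessage()
    msg.set_content("Please quote your best prices on FOB as attached")
    for name, data in (("FOB.pdf.jar", buf.getvalue()), ("invoice.pdf", buf.getvalue()), ("notes.txt", b"hi")):
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()
```

Calling `scan_message(build_sample())` flags "FOB.pdf.jar" on name and content and "invoice.pdf" on content alone, while "notes.txt" passes.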


Comments, Questions and Reviews (Total: 19)


  • Posted: Nov 23, 2017 at 1:48 PM by info

    Here is another malicious email:

    ------ Forwarded Message
    From: April Leal
    Date: Thu, 23 Nov 2017 18:42:58 0200
    To: me
    Subject: FW: Purchase Order 22344E from Barclay Butera Inc. - NB


  • Posted: Sep 23, 2017 at 5:54 AM by info

    Here is another malicious attachment:

    "From: AthAA
    To: All Faculty and Staff
    Subject: IMPORTANT
    Please refer to the attachment carefully
    Thank you
    Attachment: Payment_Invoice.JAR"


  • Posted: Sep 21, 2017 at 5:20 AM by info

    Here is another scam:

    "Subject: Inquiry T09824
    Date: Thu 21/09/2017 03:00
    From: "B.hrain Stephen"
    To: undisclosed-recipients:
    Attachment: T09824_PTRl.pdf Terms.jpg.jar 497 KB

    Dear Sir

    Please kindly find the attached and quote us your best price ASAP.

    NOTE: Include our order number in your quotation.

    Best Regards...

    B.hrain

    Senior Engineer
    PRTRO-LINE GLOBAL CO. LTD
    UNIT1, Samiullah, Vasai, India
    Tel: 918950598722
    FAX: 9189504723/4"


  • Posted: Sep 20, 2017 at 12:20 PM by info

    Received via email:

    "The file "I left this for you.pdf.jar" is on all the disk drives of one of my computers, including the pen drive. When I delete the file, it takes 5 seconds and it comes back again. I opened the file through Winrar and found it to be a malicious program. I've already tried antivirus and Google search and got no results. I'll send the file for you to review.
    I hope you can help me.

    Thank you very much!
    Best regards
    Gildicley"


    --- ----
    Start the computers in Safe Mode and then scan them for viruses. Or, if you have Avast antivirus, use their Boot-Time scan.


  • Posted: Sep 18, 2017 at 12:25 PM by info

    Here is another malicious email:

    "Re: Re: CHEQUE PAYMENT
    Mon 18/09/2017 06:35
    From: ACCOUNTANT
    Attachment: CHEQUE READY.jar

    DEAR SIR,

    PLEASE KINDLY COLLECT YOUR PAYMENT AS PER ATTACHMENT CHEQUE.

    confirm mentioned account number with IBAN number OK.

    Thank you,
    Best regards
    Azad abdul
    Account Manager
    Traffic Control Center
    Tel : 33849994
    : 70083195"


  • Posted: Sep 7, 2017 at 11:20 AM by an anonymous user from or near: Detroit, Michigan, United States

    Scammers address 2500 terrace ave. In California they email me saying they were from CC company. Can't find an address for the true company. Google map it.


  • Posted: Aug 30, 2017 at 10:08 PM by info

    Here is another malicious email:

    -- start of scam --
    Subject: PO 605-D382
    Date: Wed 30/08/2017 22:06
    From: "Kang Wooyoung"
    Attachment: PO 605-D382.jar (554 KB)

    Dear Sir,

    Please we want to make new order for the enclosed products
    Kindly find attached our purchase order and give us your current available product price list,

    Best FOB Prices with clear photos of your latest catalog, Payment term ( LC or TT ), MOQ & ETD.
    Also put into consideration time as I will want this products delivered Ending of next month latest.

    Awaiting your prompt response, please.

    Thank and Best Regards,

    Kang Wooyoung

    Sales Manager

    Office: 17-1-4 U Ghe Street, Tam Phu Wards,
    Thu Duc Dist. Ho Chi Minh City
    Tel: 08.2218.1960 - 08.2229.1970 -
    Fax: 08.5422.4738
    kang.wooyoung@gmail.com
    Web: www.inminhlang.com


  • Posted: Jul 31, 2017 at 10:50 PM by info

    Here is another malicious email:

    "Subject: PURCHASE ORDER
    Attachment: attached Purchase order.jar

    Dear sir/ Madam,

    Pleasure to book for the attached Purchase order,

    Kindly send us order confirmation without delay indicating the following as clearly specified in our order.

    Can you please provide us with your proforma Invoice and transaction sheet for the required payment.

    If we place this order within this month, Please confirm to us your arrangement & supply the material to our project site.

    Thanks & Regards,
    Nadim Mulla
    Purchase Department
    [Inline image URL : ]

    D One Marine LLC | T: 971 4 4426395 Ext.108 | F: 971 4 4426895 | M: 971 559353417 QQ 2032766852

    P.O. Box 64464 | Loc: WS#110,Dubai Maritime City,Dubai UAE |purchase3@d1marine.co | www.d1marine.com"


  • Posted: Jul 30, 2017 at 1:04 AM by an anonymous user from or near: Wellington, New Zealand

    This is a question... If you download a popular .jar file that a lot of famous YouTubers have opened and installed, is there still a chance that it could have a virus?

    Thanks


    • Posted: Jul 30, 2017 at 2:53 AM by info

      Not all .jar files are viruses. Therefore, download the file, go to www.virustotal.com, upload the file to the same website and scan it for viruses. After scanning, the website will tell you if the file is malicious or not.


  • Posted: Jul 13, 2017 at 2:16 PM by an anonymous user from or near: Kollam, Kerala, India

    May I know where I can get sample .jar malware? From where can I download them? I need to analyse them in a virtual environment as part of my learning. Any help would be really helpful.


  • Posted: Jul 5, 2017 at 9:38 PM by an anonymous user from or near: Kuala Lumpur, Malaysia

    My colleague just got one today and she is so scared. She sent it to me and asked me to have a look. I asked her to delete it and ignore it.

    "Attachment: lawsuit file document.jar

    Subject: URGENT (Vessel Arrest on court Order).
    Date: Thu, 6 Jul 2017 06:54:59 0600 (BDT)
    From: KudrI & Djamaris
    Reply-To: office@kndlawyers.com

    Dear Sir,

    We have been appointed to proceed with legal steps in arresting your vessel due to your inability to clear your long overdue payment with our client. Our client claims that several reminder has been sent to you on this subject matter without getting any response from you.

    Find attached lawsuit filed by our client including Court and lawyer cost. Kindly review and revert with your comment. Meanwhile, vessel will be arrested by the court till further notice.

    Your urgent response will be appreciated.

    THANK YOU AND BEST REGARDS

    KudrI & Djamaris
    Attorneys - Counsellor at Law
    Mayapada Tower 5th floor
    Jl. Jend. Sudirman Kav.28,
    Jakarta 12920, Indonesia
    Telephone.: 62 21 522 5453
    Fax.: 62 21 522 5452
    Email.: office@kndlawyers.com"


  • Posted: Jul 5, 2017 at 6:03 AM by an anonymous user from or near: Cardiff, Wales, United Kingdom

    Got one of these today:

    "Attachment New Order. jar (590kb)

    Dear Sir

    I have called your office phone but cannot connect to you, could you please look into the attached New Order immediately and then arrange to send us proforma invoice.

    Awaiting your swift response.

    Best Regards

    Assem Abdulsalam
    Head of Middle East
    Ascensia Diabetes Care
    P.O. Box 02 Jeddah 21411
    KSA
    Phone: 966 12 660 4757
    Cell: 966 505 646969"

    Needless to say I marked it as Spam without opening it.


  • Posted: Jun 7, 2017 at 6:20 AM by info

    Here is another malicious email:

    "Subject: Urgent Order
    Date: Tue 06/06/2017 21:48
    From: ag.kum.aiguo@qq.com
    Attachment: FOB.pdf.jar (473 KB)

    Dear We have emailed your company a week ago about our interested in your products and we have not heard from your company. I hope all is well with you, Please quote your best prices on FOB as attached

    Please kindly send us your catalog.
    Best Regards
    Mr. Chiang Lin (Manager)
    Taiwan Semiconductor Manufacturing Company Limited
    ag.kum.aiguo@qq.com, ag.kum.aiguo@outlook.com
    skype: Chiang Lin"


  • Posted: Jun 5, 2017 at 4:51 AM by info

    Here is another malicious email:

    -- start of malicious email --
    "Subject: Purchase Contract/ PON02017/072/
    Date: Mon 05/06/2017 04:07
    From: Beatriz Salazar
    Attachments: PO201(07).zip 574 KB

    Dear Sir,

    How are you?
    I attach the approved proforma of our order PON02017/072/
    please quote FOB to Port of St. Petersburg Russia 4x 20ft FCL
    I await your reply.

    Thanks you.
    Beatriz Salazar
    Megapolis Group
    Corporate Head Office Russia
    27 Kalanchevskaya Street
    Moscow 107078
    Russian Federation

    Tel. 7 495 620-91-91
    7 495 974-25-15
    Telex 412089 ALFARU
    Fax: 7 (495) 642 9828
    e-mail: dbtc.career@db.com
    -- end of malicious email --


  • Posted: Jun 5, 2017 at 3:36 AM by info

    Here is another malicious email message:

    "Subject: proforma invoice
    Sun 04/06/2017 23:42
    From: Customer Account Executive - CS
    Attachments: PROFORMAL INVOICE.jar 501 KB

    Kindly send us order confirmation without delay indicating the following as clearly specified in our order.

    Can you please provide us with your Proforma Invoice and transaction sheet for the required payment.

    If we place this order within this month, Please confirm to your arrangement & supply the material to our project site.

    Best Regards

    Senior Project Engineer And Sales Engineer
    Awaiting for your favorable feedback.
    If there is any clarification please feel free to contact me."


  • Posted: May 31, 2017 at 2:34 PM by info

    Here is another scam:

    "From: Linn Beckler
    Sent: 31 May 2017 17:58
    Attachment: COURT CASE DETAILED BRIEFING30-05-2017_obfuscated.jar
    Subject: Re: Court Case #129 Ref No #763722

    Hello Good Day,

    A COURT CASE has been established against you on Tuesday 30th May, 2017 by the housing agency.
    Find the attached for the detail and contact your Lawyer immediately.

    Yours,
    Bar. Linn Beckler"


  • Posted: May 31, 2017 at 10:39 AM by info

    Here is another malicious email:

    "Subject: Urgent Order
    Date: Wed 31/05/2017 03:48
    From: ag.kum.aiguo@qq.com
    Attachment: FOB.pdf.jar 473 KB

    Dear
    We have emailed your company a week ago about our interested in your products and we have not heard from your company.
    I hope all is well with you, Please quote your best prices on FOB as attached Please kindly send us your catalog.

    Best Regards Mr. Chiang Lin (Manager)
    Taiwan Semiconductor Manufacturing Company Limited
    ag.kum.aiguo@qq.com, ag.kum.aiguo@outlook.com skype: Chiang Lin"


  • Posted: Apr 23, 2017 at 7:54 PM by info

    Here is a fake email message with a malicious .jar file:

    "Subject: Time Sheet and Security Sign on Sheet
    Date: Sun 23/04/2017 19:50
    From: AIG Security Group

    Good morning

    Please find attached the Time sheet for week 05.04.2017-11.04.2017 and security sign sheet.

    Thank You

    Janise Coleman
    AIG Security Group

    Address: 184 Grange Rd, Fairfield
    VIC 3078, Australia
    Phone: 61 1300 600 578"

