The Latest in IT Security

“Scan from a Hewlett-Packard ScanJet” spam / anapoli.ru

16
Aug
2012

More fake printer spam, this time leading to malware on anapoli.ru:

Date:      Thu, 16 Aug 2012 12:20:25 +0500
From:      Mariah Gunn via LinkedIn [[email protected]]
Subject:      Fwd: Scan from a Hewlett-Packard ScanJet #88682504
Attachments:     HP_scanDoc.htm

Attached document was scanned and sent

to you using a Hewlett-Packard HP 90027P.

SENT BY : SAVANNAH
PAGES : 1
FILETYPE: .HTML [Internet Explorer File]

The malicious payload is on [donotclick]anapoli.ru:8080/forum/showthread.php?page=5fa58bce769e5c2c (report here) hosted on a bunch of familiar looking IP addresses:
50.56.92.47 (Slicehost, US)
190.120.228.92 (Infolink, Panama)
203.80.16.81 (Myren, Malaysia)

Leave a reply


Categories

THURSDAY, DECEMBER 14, 2017

Featured

Archives

Latest Comments

Social Networks