The Latest in IT Security

“Scan from a HP ScanJet” spam / uzindexation.ru

06
Jun
2012

This fake HP OfficeJet spam leads to malware on uzindexation.ru:

From: Ashley Madison [mailto:[email protected]]
Sent: 05 June 2012 04:12
Subject: Scan from a HP ScanJet #593159

Attached document was scanned and sent
to you using a Hewlett-Packard HP Officejet 6821P.
Sent by: Daxton
Images : 3
Attachment Type: .HTM [INTERNET EXPLORER]

Hewlett-Packard Officejet Location: machine location not set
Device: ODS400LA6DS57679188

The malware can be found at [donotclick]uzindexation.ru:8080/forum/showthread.php?page=5fa58bce769e5c2c (report here) which is hosted on a bunch of IP addresses we saw in this attack:

50.57.43.49 (Slicehost, US)
50.57.88.200 (Slicehost, US)
184.106.200.65 (Slicehost, US)
187.85.160.106 (Ksys Solucoes Web, Brazil)

Leave a reply


Categories

TUESDAY, DECEMBER 10, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments