Dynamoo's Blog: "Scan from a Xerox W. Pro" spam / 184.22.115.24

Thursday, 19 April 2012

"Scan from a Xerox W. Pro" spam / 184.22.115.24

Another malicious (and fake) printer spam leading to malware:

From: MollieFaw@hotmail.com [mailto:MollieFaw@hotmail.com]
Sent: 19. april 2012 10:40
Subject: Re: Fwd: Fwd: Scan from a Xerox W. Pro #55048919

A Document was sent to you using a XEROX SuperJet 036582425.SENT BY : MIRIAM
IMAGS : 97
FORMAT (.JPG) DOWNLOAD

DEVICE: 69972L7ODS736028L

In this case the malicious payload is on 184.22.115.24/showthread.php?t=34c79594e8b8ac0f (report here) which is hosted by HostNOC in the US.

2 comments:

mujeeb said...: Actaully what is the purpose of this spam?; 14 May 2012 at 10:41
Conrad Longmore said...: The link in the email goes to an exploit kit (probably Blackhole or Phoenix) which loads malware onto the computer.; 14 May 2012 at 14:29

Subscribe to: Post Comments (Atom)