From: Ashley Madison [mailto:donotreply@ashleymadison.com]
Sent: 05 June 2012 04:12
Subject: Scan from a HP ScanJet #593159
Attached document was scanned and sent
to you using a Hewlett-Packard HP Officejet 6821P.
Sent by: Daxton
Images : 3
Attachment Type: .HTM [INTERNET EXPLORER]
Hewlett-Packard Officejet Location: machine location not set
Device: ODS400LA6DS57679188
The malware can be found at [donotclick]uzindexation.ru:8080/forum/showthread.php?page=5fa58bce769e5c2c (report here) which is hosted on a bunch of IP addresses we saw in this attack:
50.57.43.49 (Slicehost, US)
50.57.88.200 (Slicehost, US)
184.106.200.65 (Slicehost, US)
187.85.160.106 (Ksys Soluções Web, Brazil)
No comments:
Post a Comment