Message: Courier who led U.S. to Osama bin Laden’s hideout identified. Signature spoofed by XXXXXXXXXXXXXXX spoofed. This is a multi-part message in MIME format. Message: “Laden’s Death.doc” Message was sent via email from a compromised Lotus Notes mail server, apparently compromised with a compromised email server in Taiwan. The message was sent from a static IP in Taiwan with the domain name “Notess1.protech.com.tw””]
Source: http://contagiodump.blogspot.com/2011/05/may-3-cve-2010-3333-doc-courier-who-led.html