Well, the site it came from was in Russia and casascius.com is in Utah, so I can buy that explanation. I withdraw my previous statement then... either you've hit upon a clever way to market or someone is being a total douche in Russia and I'm happy to give you the benefit of the doubt in this instance.
Not even necessarily in Russia. The IP that was used to send the scam spams from "casascius.net" was in Russia. I checked, and that IP is currently listed in the Spamhaus SBL. Here's a link to the SBL listing page for the scam:
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL119864
The IP appears to host an insecure PHP script (ajax.php), and that script was used to send the spam. The spammer could have done this from anywhere; insecure scripts rarely log IPs that connect to them and never include those IPs in the headers of the email that they send. :/ The domain casascius.net is registered through a really scuzzy offshore registrar, and the ownership information for the domain is cloaked in Whois. So I think that the scammer (whoever it is) actually does own that domain.
It is *theoretically* possible that Mike Caldwell (the real Casascius) could have done all this. If he did, he's got a genius IQ, a truly warped imagination, *and* no ethics. People like that exist, but in my experience they are rare. And he doesn't come across as one of them here on the board.
He did send one email to the whole Mt. Gox list. That email warned them about the scam. While *technically* it was unsolicited bulk email and therefore spam, I doubt that the most rabid antispammer would object to what he did. Spamhaus did not, and they clearly must have gotten his email because email addresses on the Mt. Gox list either belonged to a Spamhaus person in the first place or were donated to them after the security breach so that they could monitor scams and phishing attacks aimed at those email addresses.