Spamvertised 'Scan from a HP OfficeJet' emails lead to exploits and malware

Security researchers from Sophos have intercepted a currently spamvertised malware campaign, enticing end and corporate users into downloading and viewing a malicious HTML file.

Sample subjects include:

  • Re: Fwd: Scan from a Hewlett-Packard Officejet 69087080
  • Fwd: Re: Scan from a HP Officejet #43384897
  • Fwd: Re: Scan from a Hewlett-Packard Officejet #1584730
  • Re: Scan from a Hewlett-Packard Officejet 1206754
  • Re: Fwd: Fwd: Scan from a Hewlett-Packard Officejet #886303 1.2
  • Re: Fwd: Fwd: Scan from a HP Officejet #75709542
  • Fwd: Re: Fwd: Scan from a Hewlett-Packard Officejet #128469
  • Fwd: Re: Re: Scan from a Hewlett-Packard Officejet #662447
  • Re: Scan from a HP Officejet #49477094
  • Fwd: Fwd: Scan from a Hewlett-Packard Officejet #885932
  • Fwd: Fwd: Scan from a HP Officejet #09665907

Once the end user downloads and previews the malicious attachment, a script inside the HTML file attempts to load client-side exploits from external compromised web sites.

End and corporate users are advised to report the emails as spam/malicious and avoid interacting with the content of the email messages.
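
A mail-gateway triage check built from the subject pattern and the scripted HTML attachment described above. This is an added example, not code from Sophos or from this article; the function names, verdict labels and constructed sample message are assumptions.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage

# Subject shape taken from the sample subjects listed above: a chain of Re:/Fwd:
# prefixes, the lure text, then a numeric id with an optional '#'.
SUBJECT_RE = re.compile(
    r"^(?:(?:re|fwd?):\s*)*scan from a (?:hp|hewlett-packard) officejet\s+#?\d+",
    re.IGNORECASE)
SCRIPT_RE = re.compile(rb"<\s*script\b", re.IGNORECASE)


def scripted_html_attachments(msg):
    """Return filenames of HTML attachments that carry a <script> element."""
    hits = []
    for part in msg.walk():
        name = part.get_filename() or ""
        is_html = (part.get_content_type() == "text/html"
                   or name.lower().endswith((".htm", ".html")))
        if is_html and part.get_content_disposition() == "attachment":
            body = part.get_payload(decode=True) or b""  # undoes base64/QP
            if SCRIPT_RE.search(body):
                hits.append(name)
    return hits


def classify(raw):
    """Verdict for one raw RFC 5322 message: quarantine, review or pass."""
    msg = message_from_string(raw, policy=policy.default)
    subject = " ".join(str(msg["Subject"] or "").split())  # collapse folding
    lure = bool(SUBJECT_RE.match(subject))
    scripted = scripted_html_attachments(msg)
    if lure and scripted:
        return "quarantine"      # both campaign traits present
    if lure or scripted:
        return "review"          # one trait only: hand to an analyst
    return "pass"


def build_sample(subject, html):
    """Constructed message with one HTML attachment (not real campaign data)."""
    m = EmailMessage()
    m["Subject"], m["From"], m["To"] = subject, "a@example.com", "b@example.com"
    m.set_content("Attached document was scanned and sent to you.")
    m.add_attachment(html.encode(), maintype="text", subtype="html",
                     filename="scan.htm")
    return m.as_string()
```
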
