Spamvertised 'Scan from a HP OfficeJet' emails lead to exploits and malware

Summary:Security researchers from Sophos have intercepted a currently spamvertised malware campaign, enticing end and corporate users into downloading and viewing a malicious HTML file.

Security researchers from Sophos have intercepted a currently spamvertised malware campaign, enticing end and corporate users into downloading and viewing a malicious HTML file.

Sample subjects include:

  • Re: Fwd: Scan from a Hewlett-Packard Officejet 69087080
  • Fwd: Re: Scan from a HP Officejet #43384897
  • Fwd: Re: Scan from a Hewlett-Packard Officejet #1584730
  • Re: Scan from a Hewlett-Packard Officejet 1206754
  • Re: Fwd: Fwd: Scan from a Hewlett-Packard Officejet #886303 1.2
  • Re: Fwd: Fwd: Scan from a HP Officejet #75709542
  • Fwd: Re: Fwd: Scan from a Hewlett-Packard Officejet #128469
  • Fwd: Re: Re: Scan from a Hewlett-Packard Officejet #662447
  • Re: Scan from a HP Officejet #49477094
  • Fwd: Fwd: Scan from a Hewlett-Packard Officejet #885932
  • Fwd: Fwd: Scan from a HP Officejet #09665907

Once the end user downloads and previews the malicious attachment, a script inside the HTML file will attempt to load client-side exploits for external compromised web sites.

End and corporate users are advised to report the emails as spam/malicious and avoid interacting with the content of the email messages.

Topics: Hewlett-Packard, Collaboration, Malware, Security

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.