ID: IRCNE2012021414
Date: 2012-02-25
According to "zdnet", security researchers from Sophos have intercepted a currently spamvertised malware campaign, enticing end and corporate users into downloading and viewing a malicious HTML file.
Sample subjects include:
- Re: Fwd: Scan from a Hewlett-Packard Officejet 69087080
- Fwd: Re: Scan from a HP Officejet #43384897
- Fwd: Re: Scan from a Hewlett-Packard Officejet #1584730
- Re: Scan from a Hewlett-Packard Officejet 1206754
- Re: Fwd: Fwd: Scan from a Hewlett-Packard Officejet #886303 1.2
- Re: Fwd: Fwd: Scan from a HP Officejet #75709542
- Fwd: Re: Fwd: Scan from a Hewlett-Packard Officejet #128469
- Fwd: Re: Re: Scan from a Hewlett-Packard Officejet #662447
- Re: Scan from a HP Officejet #49477094
- Fwd: Fwd: Scan from a Hewlett-Packard Officejet #885932
- Fwd: Fwd: Scan from a HP Officejet #09665907
Once the end user downloads and previews the malicious attachment, a script inside the HTML file will attempt to load client-side exploits for external compromised web sites.
End and corporate users are advised to report the emails as spam/malicious and avoid interacting with the content of the email messages.
- 2