‘HP OfficeJet Printer Scan’ Bulk E-mails Result in Malware Infection

SophosLabs is monitoring one fake e-mail scam that's profusely infecting the PCs of unwitting end-users. The attack, which's getting extensively spammed, poses as a message carrying a particular scan that one HP OfficeJet printer performed. NakedSecurity published this dated February 23, 2012.

Displaying a caption, "Scan from a HP OfficeJet #43384897," the dangerous electronic mail refers to an attached document that after being scanned with a Hewlett-Packard HP OfficeJet 81998A has been dispatched to the recipient and as an .HTML attachment from "BETTYANN."

But the HTML file-attachment contains one malevolent code, which compels the user for visiting intermediate websites possibly containing malware and/or attack-code. Moreover, soon as this file-attachment is opened, the mentioned code tries installing client-side exploits so as to benefit externally-running hijacked sites.

Senior Researcher Graham Cluley at Sophos points out that it isn't anything new to have assaults that disguise their actual purpose via pretending to be an e-mail providing a printer-operated scan, while such assaults have previously assisted online-crooks to contaminate PCs with Adobe/Java attack codes. Help Net Security published this on February 24, 2012.

Meanwhile, the malicious file within the attachment, according to Sophos researchers, has been identified as Mal/Iframe-W.

Nonetheless, it isn't new that HP-printers are propagating malicious software. During November 2011, security investigators at Columbia University discovered one vital core flaw within particular HP-printers in a network, which allowed an external system gain access to print jobs; insert malware from the remote, inside the firmware of the printer, which compromised the machine. According to them, the Hewlett-Packard LaserJets skipped examining the presence of digital signatures towards the confirmation of the updates' authenticity. Consequently, a remote cyber-criminal could acquire admission into an organization's network via the dispatch of a print task laden with malware to an Internet linked printer.

Conclusively, security specialists advise that PC-operators require being aware about uninvited e-mail attachments, while being extra cautious of clicking anything merely for the reason it appears as one official message. Further, anti-spam and anti-virus software should be kept up-to-date. Above all, users require applying common sense so the possibilities of letting an assault turn out effective are minimized, add the specialists.

Related article: “Loopholes did not cause online banking thefts”: ICBC

» SPAMfighter News - 3/1/2012