Bitcoin-stealing malware found in official printer drivers

Chinese printer manufacturer Procolored distributed Bitcoin-stealing malware alongside its official drivers, according to local media reports.
Landian News reported on May 19 that the Shenzhen-based company distributed Bitcoin (BTC)-stealing malware alongside its official drivers. The firm reportedly used USB drives to distribute the malware-ridden drivers and uploaded the compromised software to cloud storage for global download.
So far, 9.3 BTC worth more than $953,000 has been stolen, according to the report. Crypto tracking and compliance firm SlowMist explained how the malware operates in a May 19 X post:
“The official driver provided by this printer carries a backdoor program. It will hijack the wallet address in the user’s clipboard and replace it with the attacker’s address.”
YouTuber flags malware in Procolored drivers
Landian News recommended that users who have downloaded the printer drivers in the past six months “immediately conduct a full system scan using antivirus software.” However, due to the hit-or-miss nature of antivirus software, a full system reset is always a better choice when in doubt:
“Ideally, you should reinstall your operating system and thoroughly check the old files.”
The issue is said to have been first reported by YouTuber Cameron Coward, whose antivirus software detected malware in the drivers while he was trying out a Procolored UV printer. The antivirus flagged the drivers as containing a worm and a trojan virus named Foxif.
Cybersecurity firm confirms crypto-stealing malware
When contacted, Procolored denied the claims and dismissed the antivirus detection of the drivers as a false positive. Coward turned to Reddit, where he shared the issue with cybersecurity professionals, which attracted the attention of cybersecurity firm G-Data.
G-Data’s investigation found that most Procolored drivers were hosted on the file hosting service Mega, with uploads dating back as far as October 2023. Analysis of these files confirmed that they were compromised by two different pieces of malware: the backdoor Win32.BackDoor.xredrat.a and a crypto stealer designed to substitute addresses controlled by the attacker.
Procolored was in contact with G-Data, with the hardware manufacturer saying it removed the infected drivers from its storage on May 8 and rescanned all files. Procolored attributed the malware to a supply chain compromise, stating that the malicious files were introduced through infected USB devices before being uploaded online.