Procolored printers shipped out with malware-ridden drivers for half a year
Date:
Mon, 19 May 2025 13:28:00 +0000
Description:
The malware stole almost 10 BTC from the victims.
FULL STORY ======================================================================
A Chinese printer maker was serving malware with software installations for half a year
The malware included backdoors and crypto stealers
Almost 10 BTC was stolen
Procolored, a major Chinese printer manufacturer, has been inadvertently infecting its customers with backdoors, infostealers, and cryptocurrency stealers - for six months. This is according to cybersecurity researchers G Data, who were tipped off about the supply chain attack by a YouTube content creator, Cameron Coward.
Apparently, Coward wanted to review one of Procolored's printers and, after trying to install the accompanying software from a USB stick, was alerted to the presence of the Floxif worm. He reached out to the company, which dismissed the warning as a false positive. Unsatisfied with the answer, Coward turned to Reddit, where his thread was picked up by G Data's researchers.
The team found six of the company's product lines infected with malware: F8, F13, F13 Pro, V6, V11 Pro, and VF13 Pro. They also determined that the last update of the software was made in October 2024, which means the company was deploying malware for at least half a year before being spotted.
Tens of unique variants
In total, the researchers found 39 malware detections in 20 uniquely hashed executables. There were RATs, trojans, clipboard stealers, and cryptocurrency stealers. One of the wallets allegedly belonging to the attackers received almost 10 BTC, which means the attackers raked in almost a million dollars with just one piece of malware.
It was also said that some of the command-and-control (C2) infrastructure had been inactive since early 2024, while the BTC wallet hasn't been active since March the same year. This could signal that the threat actors moved on to other things, which could mean the threat isn't as pronounced today.
Procolored is a leader in the digital textile printing industry, according to Cyberinsider. The company's hardware is used in small-scale manufacturing and creative industries, the publication claims, adding that its presence sent ripples through the tech and maker communities.
As of May 8, all software was removed from Procolored's website, and an investigation was launched. The company told G Data that its systems were most likely compromised as well.
Via BleepingComputer
======================================================================
Link to news story:
https://www.techradar.com/pro/security/procolored-printers-shipped-out-with-malware-ridden-drivers-for-half-a-year
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)