Skip to main content

Chinese printer manufacturer shipped printers with malware and backdoor.

 
Procolored, a Chinese printer manufacturer, has been sending infecting its customers with backdoors, infostealers, and cryptocurrency stealers - for six months. This information comes from cybersecurity researchers at G Data, who were alerted to the supply chain attack by a technical author and content creator, Cameron Coward.

Apparently, Coward wanted to review one of Procolored’s printers. After attempting to install the accompanying software from a USB stick, he was alerted to the presence of the Floxif worm. He reached out to the company who dismissed the warning as a false positive. Unsatisfied with this response, Coward turned to Reddit, where his thread was picked up by G Data‘s cyber security researchers.

G Data, however, discovered that 39 software downloads, hosted on mega.nz and last updated in October 2024, had been infected with two malware families, namely an information stealer and a backdoor.

1.Win32.Backdoor.XRedRAT.A

2.MSIL.Trojan-Stealer.CoinStealer.H

The backdoor, dubbed XRed, is written in Delphi and has worm-like behavior. The sample found in Procolored’s downloads could log keystrokes, download additional payloads, take screenshots, tamper with files, and provide a shell if requested.

The stealer, named CoinStealer, targets cryptocurrency wallets but can also replace cryptocurrency addresses in the clipboard with an attacker’s address, to divert funds to the attacker during transfers.

The researchers also identified six of the firm's product lines infected with malware: F8, F13, F13 Pro, V6, V11 Pro, and VF13 Pro.


Labels

Labels:

Popular posts from this blog

Cybersecurity Giant CrowdStrike Triggers Worldwide Computer to Blue Screen of Death

    Recently, a widespread issue has paralyzed computers globally, initially mistaken for a cyber attack. Speculations pointed fingers at Microsoft, as only Windows systems seemed affected. However, the real culprit was CrowdStrike, a major cybersecurity firm renowned for its endpoint protection services, akin to antivirus for corporate fleets of computers. The problem stemmed from an automatic update pushed by CrowdStrike, designed to enhance security through its endpoint sensors. Unfortunately, a critical bug slipped into the update, causing affected computers—running CrowdStrike's software—to crash irreparably. Since the sensors operate at a deep system level, the glitch caused entire systems to enter a continuous cycle of crashes, known ominously as the "blue screen of death." CrowdStrike quickly acknowledged the issue and provided a fix, albeit a cumbersome one. Affected PCs must be manually booted into safe mode to remove specific files, a process that needs to be r...
Read more

Grok 3: The AI Chatbot Breaking Boundaries with Bold, Uncensored Responses

  In the ever-evolving world of artificial intelligence, Grok 3 is quickly making waves both for its cutting-edge capabilities and its shocking, unfiltered personality. Developed by Elon Musk’s xAI, Grok 3 is an AI chatbot that has taken the internet by storm, especially among regular X (formerly Twitter) users in India. Known for its snarky responses, irreverent tone, and ability to learn from the unpredictable and sometimes profane language of users, Grok 3 is far from your average chatbot. Launched in February 2025, Grok 3 is a powerhouse of computational prowess, utilizing 12.8 trillion tokens to deliver responses that range from wildly intelligent to oddly rebellious. It’s trained with data from a variety of sources everything from legal filings to X posts giving it a diverse range of knowledge and a unique ability to engage in conversation that feels real, yet sometimes, unsettlingly raw. But it’s not just Grok 3’s wealth of knowledge that’s making headlines. The chatbot ...
Read more

AI tools on the dark web

  As AI continues to develop, its role in cybercrime on the dark web will only increase. The ability of cybercriminals to experiment with AI-powered tools is a new frontier in the ongoing war between hackers and cybersecurity experts. The Dark Web is quickly becoming a testing ground for new AI-powered attacks. The bad actors can customize their methods and expand their scope of their crimes. 1. FraudGPT – When AI is the worst spammer FraudGPT is a tool that sends fake emails. Create a fraudulent website And it spreads malware like a 24/7 scam operation. It's so clever it can trick you into handing over sensitive information to hackers—just like your grandma's bank details! If installed correctly, it does not require too much energy to operate. 2. Angler AI – A fishing tool that personalizes your attacks. Angler AI is a secret tool. That changes perspective depending on how you respond. It's like a telemarketer who knows everything about you and can even pretend to be y...
Read more