Chinese Printer Maker Reportedly Spread Crypto Malware

  • Chinese printer maker Procolored was unknowingly spreading crypto malware
  • The malware was embedded in Procolored’s official USB printer drivers
  • Procolored has removed the malware and rescanned all files

Chinese printer maker Procolored was unknowingly spreading crypto malware through its downloadable official USB printer drivers. According to blockchain security firm SlowMist, the drivers contained a backdoor, allowing malicious actors to hijack “the wallet address in the user’s clipboard.” The malware targeted Bitcoin holders and has already siphoned nearly $1 million worth of BTC from multiple wallets, an amount that’s likely to increase as more Procolored printer users report losing funds.

Malware Undetected for Six Months

According to reports, the malware was probably embedded in the company’s printer drivers within the last six months. One user discovered the hidden code when his antivirus software flagged malicious code while he was installing drivers for a Procolored UV printer.

The user reported the issue to Procolored, which dismissed it as a “false alarm from the antivirus software.” The user, however, sought help from cybersecurity specialists who discovered the hidden malware that contained a backdoor and a “cryptocurrency stealer.”

According to the specialists, the backdoor gave the malware access to a computer’s clipboard, where it scouted for crypto addresses. Once found, it replaced them with ones that are controlled by malicious actors.
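The swap described above leaves a recognisable trace in clipboard history: one valid address overwritten by a different valid address a fraction of a second later. The following Python sketch is an added example, not code from the report or from any vendor; it assumes an endpoint monitor already supplies time-ordered clipboard-change events, covers only legacy Base58Check Bitcoin addresses, and uses a hypothetical 2-second window and constructed sample data.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def _checksum(payload):
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(version, h160):
    """Build a Base58Check address; used here only to construct sample data."""
    raw = bytes([version]) + h160
    raw += _checksum(raw)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def is_btc_address(text):
    """True for a mainnet P2PKH/P2SH string whose Base58Check checksum verifies."""
    s = text.strip()
    if not 26 <= len(s) <= 34 or any(c not in B58 for c in s):
        return False
    n = 0
    for c in s:
        n = n * 58 + B58.index(c)
    raw = n.to_bytes(25, "big")  # 58**34 < 2**200, so this always fits
    return raw[0] in (0x00, 0x05) and raw[21:] == _checksum(raw[:21])

def find_swaps(events, window=2.0):
    """events: time-ordered (seconds, clipboard_text). Flag a valid address that
    is overwritten by a different valid address within `window` seconds."""
    alerts = []
    for (t0, old), (t1, new) in zip(events, events[1:]):
        old, new = old.strip(), new.strip()
        if (old != new and t1 - t0 <= window
                and is_btc_address(old) and is_btc_address(new)):
            alerts.append((t1, old, new))
    return alerts

# Constructed sample data: hashes are derived from labels, not real wallets.
PAYEE = b58check_encode(0x00, hashlib.sha256(b"payee").digest()[:20])
OTHER = b58check_encode(0x00, hashlib.sha256(b"other").digest()[:20])
EVENTS = [
    (0.0, "invoice 4471"),
    (10.0, PAYEE),          # user copies the intended address
    (10.3, OTHER),          # overwritten 0.3 s later: flagged
    (95.0, PAYEE),          # a copy made much later: not flagged
    (95.2, PAYEE[:-1] + ("2" if PAYEE[-1] != "2" else "3")),  # bad checksum: ignored
]
```

Validating the checksum before comparing keeps ordinary clipboard text, and mistyped addresses, from raising alerts.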

Infected Flash Drives Introduced the Malware?

Procolored later acknowledged the presence of the malware in its drivers, adding that it may have found its way into the drivers through infected flash drives. The company also said that it had “deleted these drivers and rescanned all files.”

The report comes two months after malicious actors were caught selling malware-laced counterfeit phones and blackmailing YouTubers into spreading crypto malware. These tactics add to the unorthodox methods crypto criminals are using to increase the amount they steal.

With Procolored admitting that its official USB drivers contained malware, users of its printers need to delete the old drivers and install them afresh to avoid falling victim.
