If you have a printer for Procord -based Procord in China, see: Company driver files are full of malware, including Windows -based backdoor.
Cyroscopy Vendor G data researcher Carten Hun on Thursday reported the results. “A printer company provided the affected printer software for half a year,” he said.
Hun started an investigation after receiving a printer for Percold, who provides a direct film printers to the serial hobby, which can be used to make customs shirts. When examining the printer for review, the built -in anti -virus Windows defender and Google’s Chrome browser informed him of the dangers of malware on his computer.
His computer was targeted with a flooxif, which is a powerful malware that can replace a Windows executive and install another malicious code. It can also spread itself through USB drives. After installing the software from the zip folder on the “USB Thumb Drive Prok Clared” provided with the printer, Caver KPC received a malware alert.
Although a company based in Shenzhen claims that malware alerts are false positive, Cavard posted a call on the reddate for a third -party security researcher. In G data, Han launched an investigation and the printer driver files hosted on the printed website detected the danger.
(Credit: mega.nz/procolored)
Surprisingly, third -party mega dot NZ file sharing account is hosting printer driver files for six products. Hun’s Anti -Virus Scan found that 39 of the files indicated two malware: one for a cryptocurrency purse steeller, the other is a backdoor for Windows PC.
Get our best stories!
Be safe with the latest greeting news and updates
Sign up for our Security Watch Newsletter for our most important privacy and security stories.
By clicking on the signup, you confirm that you are 16+ years old and agree to our use and privacy policy terms.
Thank you for signing up!
Your membership has been confirmed. Keep an eye on your inbox!
Hun estimates that malicious drivers have been circulating for half a year as the mega dotNZ directory suggests that many files were last updated six months ago. The investigation also revealed that the driver’s files were actually tampered on a system that had been “infected several times” with a variety of malware, which can be told why Han’s PC was exposed to a floox infection.
Prokord did not respond to the request for an immediate comment. But the company told Hun that it suspects the drivers’ files have been tampered by the affected USB drive. “The software hosted on our website was initially transferred via USB drives. It is possible that a virus has been introduced during the process.”
The company added, “As a precaution, all software has been temporarily removed from the official purchase website.” “We’re scanning a comprehensive malware of each file. The software will be uploaded only after passing the tight virus and security checks. This is a top priority for us, and we are taking it very seriously.”
Suggested by our editors
The statement also noted that plans based on plans to disclose the incident and update its site “Once all the software was thoroughly reviewed and confirmed to be safe.” Han says he has received copies of new driver files and the information he looks clear.
Some people may speculate that you have been deliberately malware. But in his blog post, Hun wrote, “The more understandable explanation indicates the absence or failure of anti -virus scanning on the system used to compile and distribute software packages.” The reason for this is that the command and control server for the backdoor malware X -order has been offline offline from February 2024, which has reduced the risk severity.
In the meantime, Hun has suggested that the affected users consider re -install Windows OS to completely eliminate the risk. “It is possible that some users rejected the warning of anti -virus, assuming that the files are safe,” he said.
About Michael’s ear
Senior Reporter
