中國打印機製造商與官方司機一起銷售了分佈式的偷走比特幣惡意軟件

5月19日，中國新聞媒體新聞報導說，總部位於深圳的打印機公司Procolored一直在與官方駕駛員一起分發偷竊比特幣（BTC）惡意軟件。

A Chinese printer manufacturer has been caught distributing Bitcoin-stealing malware alongside its official drivers, local media outlet Landian News reported on May 19.

當地媒體媒體Landian新聞報導，一家中國打印機製造商與其官方駕駛員一起分發了偷竊比特幣的惡意軟件。

Shenzen-based Procolored, a hardware company known for its 3D printers, UV printers and other imaging devices, was found to be distributing malware-ridden drivers using USB drivers and uploading the compromised software to cloud storage for global download.

一家以深圳為Procolored，這是一家以3D打印機，UV打印機和其他成像設備而聞名的硬件公司，它正在使用USB驅動程序分發惡意軟件驅動器，並將折衷的軟件上傳到雲存儲中以供全球下載。

The issue was first reported by YouTuber Cameron Coward, whose antivirus software detected malware in the Procolored drivers while testing a UV printer. The software flagged the drive as containing a worm and a trojan virus named Foxif.

該問題首先是由YouTuber Cameron Coward報告的，他的防病毒軟件在測試UV打印機時檢測到了Procoled驅動程序中的惡意軟件。該軟件將驅動器標記為包含蠕蟲和名為Foxif的木馬病毒。

After encountering issues with the antivirus tool, Procolored maintained that the detection was a false positive and deleted the infected drivers from its storage on May 8, re-scanning all files.

在使用防病毒工具遇到問題後，Procolored堅持認為檢測是假陽性的，並於5月8日從其存儲空間中刪除了被感染的驅動程序，從而重新掃描了所有文件。

Analysis by cybersecurity firm G-Data revealed that most of Procolored’s drivers were hosted on the file hosting service MEGA, with uploads as old as October 2023. Analysis of those files confirmed that they were compromised by two distinct pieces of malware: backdoor Win32.Backdoor.XRedRAT.A and a crypto stealer designed to substitute addresses in the clipboard with those controlled by the attacker.

網絡安全公司G-DATA的分析表明，Procolored的大多數驅動程序都是在文件託管服務中託管的，上傳的上載與2023年10月一樣古老。對這些文件的分析證實，這些文件被兩種不同的惡意軟件妥協：Backdoor win32.backdoor.xredrat.a和Crypto Sheter by Cripto the Clipseres clipboarders the Contripsers contripsers contertute clipboards contertute contertute clipsports corterty optocters to的分析。

The cybersecurity company contacted the hardware producer, who attributed the malware to a supply chain compromise, explaining that the malicious files were introduced through infected USB devices before being uploaded online.

網絡安全公司與硬件生產商聯繫，後者將惡意軟件歸因於供應鏈折衷，並解釋說，惡意文件是通過受感染的USB設備在網上上傳之前通過受感染的USB設備引入的。

“We have been the victims of a third-party software vulnerability that led to the inclusion of malicious code in some of our printer drivers,” a Procolored spokesperson told G-Data.

一位偽造的發言人告訴G-data：“我們一直是第三方軟件脆弱性的受害者，導致某些打印機司機將惡意代碼納入其中。”

The company added that it had taken immediate steps to remove the affected drivers and notify relevant parties. Procolored also planned to implement enhanced security measures to prevent similar incidents in the future.

該公司補充說，已經立即採取了措施來刪除受影響的駕駛員並通知相關方。 Procolored還計劃實施增強的安全措施，以防止將來類似的事件。

A total of 9.3 BTC worth over $953,000 have been stolen, according to crypto tracking and compliance firm Slow Mist, which described how the malware operates in a May 19 X post.

根據加密跟踪和合規性公司慢霧的數據，總計9.3 BTC的價值超過953,000美元，該公司在5月19日x帖子中的運作方式描述瞭如何運作。