From now on, to protect your bitcoin (BTC) or other cryptocurrencies, you need to watch not only what you click online, but also which printer you buy.
A printer company was caught distributing bitcoin (BTC)-stealing malware, researchers at G Data discovered.
First discovered by Cameron Coward, the YouTuber behind the channel Serial Hobbyism, and discussed on Reddit, the issue caught the attention of the cybersecurity firm.
Their Principal Malware Researcher, Karsten Hahn, said he discovered that the threat actor's address received 9.3 BTC ($985,000), potentially from users of printers made by Procolored. The address, which saw 330 transactions in total, is currently empty.
After the YouTuber received an antivirus alert about a USB-spreading malware and a Floxif infection, considered one of the most severe types of infection, Hahn checked downloads for six Procolored products.
Among the files, last updated in October 2024, he found Win32.Backdoor.XRedRAT.A, a backdoor, and MSIL.Trojan-Stealer.CoinStealer.H, a stealer that either exfiltrates cryptocurrency wallets or replaces addresses in the clipboard with the attackers’ address.
However, the researcher didn’t find Floxif in the download section.
Meanwhile, Procolored initially denied that they were spreading the malware, offering various explanations for why antivirus programs might be producing false positives on their software.
"Nevertheless, they took down the software downloads from their website, which we noticed around the 8th of May 2025, and started an internal investigation," Hahn said, suggesting that a plausible explanation is the absence or failure of antivirus scanning on the systems used to compile and distribute the software packages.
In a response to the researcher, the company suggested that the virus was injected during the process of transferring the software from USB drives to their website. The company also claims that the software will be re-uploaded "only after passing stringent virus and security checks."
In the meantime, Hahn recommends Procolored product users check whether any antivirus exclusions have been set for the printer software files, as people might have dismissed antivirus warnings.
"The safest remedy for an infection with file infectors is reformatting all drives and reinstalling the operating system," the researcher said, adding that despite transactions to the BTC address stopping on March 3rd, 2024, the file infection itself still damages systems.
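One way to carry out the exclusion check Hahn recommends, as an added example that is not from G Data or Procolored. It assumes Microsoft Defender is the antivirus in use and an elevated PowerShell session; `$SoftwareDir` is a hypothetical placeholder for wherever the printer software was unpacked or installed, and `Test-PathCovers` is a helper defined here.

```powershell
#Requires -RunAsAdministrator
# Added example: list Microsoft Defender exclusions that would hide files in one folder.
param(
    # Hypothetical placeholder: set this to the printer software folder on your system.
    [string]$SoftwareDir = 'C:\PLACEHOLDER\PrinterSoftware'
)

# True when an excluded path equals, contains, or sits inside the target folder.
function Test-PathCovers {
    param([string]$Exclusion, [string]$Target)
    $e = [Environment]::ExpandEnvironmentVariables($Exclusion).TrimEnd('\')
    $t = $Target.TrimEnd('\')
    return ($t -ieq $e) -or
           $t.StartsWith("$e\", [StringComparison]::OrdinalIgnoreCase) -or
           $e.StartsWith("$t\", [StringComparison]::OrdinalIgnoreCase)
}

$pref = Get-MpPreference
$findings = @()

# Path exclusions: wildcards are reported for manual review, not resolved here.
foreach ($p in @($pref.ExclusionPath)) {
    if (-not $p) { continue }
    if ($p -match '[\*\?]') {
        $findings += [pscustomobject]@{ Type = 'Path'; Value = $p; Reason = 'wildcard, review manually' }
    } elseif (Test-PathCovers $p $SoftwareDir) {
        $findings += [pscustomobject]@{ Type = 'Path'; Value = $p; Reason = 'overlaps software folder' }
    }
}

# Process exclusions: flag any whose image name exists under the software folder.
foreach ($proc in @($pref.ExclusionProcess)) {
    if (-not $proc) { continue }
    $hit = Get-ChildItem -LiteralPath $SoftwareDir -Recurse -File -Filter (Split-Path $proc -Leaf) `
               -ErrorAction SilentlyContinue | Select-Object -First 1
    if ($hit) { $findings += [pscustomobject]@{ Type = 'Process'; Value = $proc; Reason = "matches $($hit.FullName)" } }
}

# Extension exclusions apply system-wide: flag those matching files in the folder.
foreach ($ext in @($pref.ExclusionExtension)) {
    if (-not $ext) { continue }
    $hit = Get-ChildItem -LiteralPath $SoftwareDir -Recurse -File -Filter "*.$($ext.TrimStart('.'))" `
               -ErrorAction SilentlyContinue | Select-Object -First 1
    if ($hit) { $findings += [pscustomobject]@{ Type = 'Extension'; Value = $ext; Reason = "covers $($hit.Name)" } }
}

if ($findings) { $findings | Format-Table -AutoSize } else { 'No Defender exclusions cover this folder.' }
```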