市值: $3.3401T -0.830%
成交额(24h): $100.8368B 22.900%
  • 市值: $3.3401T -0.830%
  • 成交额(24h): $100.8368B 22.900%
  • 恐惧与贪婪指数:
  • 市值: $3.3401T -0.830%
加密货币
话题
百科
资讯
加密话题
视频
热门新闻
加密货币
话题
百科
资讯
加密话题
视频
bitcoin
bitcoin

$107768.358498 USD

-1.49%

ethereum
ethereum

$2529.161625 USD

-1.87%

tether
tether

$1.000169 USD

0.00%

xrp
xrp

$2.251414 USD

-1.08%

bnb
bnb

$658.434141 USD

-0.59%

solana
solana

$148.098376 USD

-2.76%

usd-coin
usd-coin

$1.000043 USD

0.00%

tron
tron

$0.287075 USD

-0.38%

dogecoin
dogecoin

$0.166579 USD

-3.89%

cardano
cardano

$0.574391 USD

-2.74%

hyperliquid
hyperliquid

$37.242063 USD

-6.85%

bitcoin-cash
bitcoin-cash

$495.213033 USD

-0.77%

sui
sui

$2.835127 USD

-3.41%

chainlink
chainlink

$13.230913 USD

-2.80%

unus-sed-leo
unus-sed-leo

$9.041547 USD

-0.05%

加密货币新闻

打印机公司捕获了分发比特币偷走恶意软件

2025/05/20 19:27

从现在开始,为了保护您的比特币(BTC)或其他加密货币,您不仅需要观看您要在线点击的内容,还需要购买什么打印机

打印机公司捕获了分发比特币偷走恶意软件

A printer company was caught distributing bitcoin (BTC)-stealing malware, researchers at G Data discovered.

发现G数据的研究人员发现了一家打印机公司(BTC)捕获比特币(BTC)的恶意软件。

First discovered by Cameron Coward, the YouTuber behind the channel Serial Hobbyism, and discussed on Reddit, the issue caught the attention of the cybersecurity firm.

该问题首先是由频道连续业余爱好背后的YouTuber Cameron Coward发现的,并在Reddit上进行了讨论,该问题引起了网络安全公司的关注。

Their Principal Malware Researcher, Karsten Hahn, said he discovered that the threat actor's address received 9.3 BTC ($985,000), potentially from users of printers made by Procolored. The address, which saw 330 transactions in total, is currently empty.

他们的主要恶意软件研究人员卡尔斯滕·哈恩(Karsten Hahn)说,他发现威胁性演员的地址收到了9.3 BTC(985,000美元),这可能来自Procolored制造的打印机用户。该地址总共看到了330笔交易,目前为空。

After the YouTuber received an antivirus alert about a USB-spreading malware and a Floxif infection, considered one of the most severe types of infection, Hahn checked downloads for six Procolored products.

在YouTuber收到了有关开发USB的恶意软件和Floxif感染的防病毒警报后,被认为是最严重的感染类型之一,Hahn检查了六种Procolored产品的下载。

Among the files, last updated in October 2024, he found Win32.Backdoor.XRedRAT.A, a backdoor, and MSIL.Trojan-Stealer.CoinStealer.H, a stealer that either exfiltrates cryptocurrency wallets or replaces addresses in the clipboard with the attackers’ address.

在2024年10月上次更新的文件中,他找到了Win32.backdoor.xredrat.a,后门和MSIL.TROJAN-Stealer.coinstealer.h,窃取器,它可以剥落加密货币钱包或替换剪贴板中的攻击者地址。

However, the researcher didn’t find Floxif in the download section.

但是,研究人员在下载部分没有找到Floxif。

Meanwhile, initially, Procolored denied that they were spreading the malware, providing various explanations as to why antivirus programs might misidentify their software as false positives.

同时,最初否认他们正在传播恶意软件,提供了各种解释,说明为什么防病毒计划可能会将其软件误认为是误报。

"Nevertheless, they took down the software downloads from their website, which we noticed around the 8th of May 2025, and started an internal investigation," Hahn said, suggesting that a plausible explanation is the absence or failure of antivirus scanning on the systems used to compile and distribute the software packages.

哈恩说:“尽管如此,他们从他们的网站上删除了软件下载,我们注意到了2025年5月8日左右,并开始了内部调查。”

In a response to the researcher, the company suggested that the virus was injected during the process of transferring the software from USB drives to their website. The company also claims that the software will be re-uploaded "only after passing stringent virus and security checks."

在对研究人员的回应中,该公司建议该病毒是在将软件从USB驱动器转移到其网站的过程中注入的。该公司还声称,该软件将“仅在经过严格的病毒和安全检查后才重新上传”。

In the meantime, Hahn recommends Procolored product users check whether any antivirus exclusions have been set for the printer software files, as people might have dismissed antivirus warnings.

同时,Hahn建议使用的产品用户检查是否已为打印机软件文件设置了任何防病毒排除,因为人们可能已经驳回了防病毒警告。

"The safest remedy for an infection with file infectors is reformatting all drives and reinstalling the operating system," the researcher said, adding that despite transactions to the BTC address stopping on March 3rd, 2024, the file infection itself still damages systems.

研究人员说:“使用文件感染者感染的最安全的治疗方法是重新格式化所有驱动器并重新安装操作系统。”他补充说,尽管BTC地址交易于2024年3月3日停止,但文件感染本身仍然损坏了系统。

免责声明:info@kdj.com

所提供的信息并非交易建议。根据本文提供的信息进行的任何投资,kdj.com不承担任何责任。加密货币具有高波动性,强烈建议您深入研究后,谨慎投资!

如您认为本网站上使用的内容侵犯了您的版权,请立即联系我们(info@kdj.com),我们将及时删除。

2025年07月08日 发表的其他文章