procol的中国打印机制造商分发了被窃取比特币的恶意软件污染的驾驶员

该信息是在本周由亚洲国家媒体报道的，并表明9.3 BTC被盗。

A Chinese printer manufacturer has reportedly distributed drivers contaminated with malware that steals Bitcoin, according to local reports.

据当地报道称，据报道，一家中国打印机制造商已分发了被窃取比特币的恶意软件污染的驾驶员。

The company, Procolored, is said to have used a USB flash drive to upload the virus-compromised software to a cloud storage service for global download, reports Landian News. In this case, a worm malware and a trojan called Foxif were sent. This episode also adds to a Binance study that exposes critical vulnerabilities in crypto security.

据Landian News报道，据说该公司已使用USB Flash驱动器将病毒功能障碍软件上传到云存储服务以供全球下载。在这种情况下，发送了蠕虫恶意软件和一个名为Foxif的特洛伊木马。这一集还增加了一项Binance研究，该研究暴露了加密安全性的关键漏洞。

According to MistTrack, the malware diverted 9.3 BTC, just under $1 million at the time of this edition. The Bitcoins were sent to the wallet involved in the attack, as “the official driver provided by this printer loads a backdoor program. It hijacks the wallet address in the user’s clipboard and replaces it with the attacker’s address.”

根据Misttrack的说法，该版本时，恶意软件转移了9.3 BTC，不到100万美元。比特币被发送到袭击中涉及的钱包，因为“该打印机提供的官方驱动程序加载了后门程序。它劫持了用户剪贴板中的钱包地址，并用攻击者的地址代替了。”

The malware’s action occurs when the user copies the address, which is modified by the virus before sending. In this case, the transfer ends up being made to the wallet involved in the attack.

当用户复制地址时，恶意软件的操作发生，该地址在发送前由病毒修改。在这种情况下，转移最终是将袭击所涉及的钱包进行的。

Company Acknowledges Infection After YouTuber Discovery

公司确认YouTuber发现后感染

Tiansheng Printer acknowledged the infection, stated that it deleted the infected drivers, and checked all files on May 8.

Tiansheng打印机承认了感染，并指出它删除了受感染的驱动程序，并于5月8日检查了所有文件。

However, the manufacturer’s acknowledgment reportedly came after the insistence of YouTuber Cameron Coward, who discovered the malware. It started when he installed the software of a Procolored UV printer and was alerted by an antivirus.

但是，据报道，制造商的承认是在发现了恶意软件的YouTuber Cameron Coward的坚持之后。它始于他安装了Procoled UV打印机的软件，并由防病毒软件提醒。

Coward reported that he notified Tiansheng, which blamed his antivirus. Dissatisfied, the YouTuber said he sought help on a Reddit forum and ended up attracting the attention of security company G-Data.

Coward报告说，他通知了Tiansheng，这归咎于他的防病毒软件。 YouTuber不满意，他在Reddit论坛上寻求帮助，并最终吸引了安全公司G-DATA的注意。

G-Data’s analysis revealed that the drivers were contaminated with a backdoor called Win32.Backdoor.XRedRAT.A and a cryptocurrency thief based on .NET. In this case designed to swap addresses in the clipboard.

G-DATA的分析表明，驾驶员被称为Win32.backdoor.xredrat.a的后门污染，并且基于.NET的加密货币小偷。在这种情况下，旨在交换剪贴板中的地址。

The security company advised users to carefully check the system and scan. If possible, to reinstall the printer driver, which must be obtained by direct contact with Tiansheng technical support.

安全公司建议用户仔细检查系统和扫描。如果可能的话，要重新安装打印机驱动程序，必须通过直接与Tiansheng的技术支持来获得。