What happened?
Procolored, a digital printer manufacturer based in China, inadvertently distributed malware through its official printer drivers, which included a remote access trojan called XRedRAT and a Bitcoin clipboard hijacker named SnipVex. This issue was discovered when a YouTuber’s antivirus software flagged the printer drivers as malicious. After public exposure, Procolored’s parent company, Tiansheng, removed the infected files and attributed the infection to USB cross-contamination.
Who does this affect?
The malware from Procolored’s printer software affects users worldwide, particularly those who downloaded the infected drivers from Procolored’s support site or received them via USB. The users at risk include individuals and businesses in over 30 countries where Procolored sells its printers, including a large customer base in the United States. Anyone who installed these drivers without proper antivirus checks potentially exposed their systems to severe cybersecurity threats.
Why does this matter?
This incident has significant market implications as it highlights vulnerabilities in global supply chains and the security risks of downloading software, even from trusted sources. The breach resulted in a cryptocurrency theft valued at over $953,000, indicating the financial impact such malware can have on individuals and businesses. Additionally, this raises concerns about cybersecurity protocols for companies operating internationally and the need for stricter scrutiny on software distributed by hardware manufacturers.