2025-05-22 01:12:00
www.pcgamer.com
It’s a sad truth that you just can’t ever let your guard down when it comes to malicious software, even when buying a $6,000 USD professional grade printer. This is something tech reviewer Cameron Coward found out to be all too true when reviewing a Procolored V11 Pro DTO UV Printer over on Hackster (via Techspot). The printer is supposed to be a fairly high quality device, for those looking to make UV transfers, but he found some pretty nasty software hiding on the included USB.
Coward, who’s also behind the Serial Hobbyism YouTube channel, got pretty lucky when his computer Antivirus flagged software on the included Procolored software installation USB stick as malicious. It picked the malware as being Floxif, a worm known for devastating computers that is usually shared via USB. It’s not quite as scary as ransomware on a CPU, but it’s still fortunate, he did not go ahead with the installation.
Instead, Coward tried to download and install it fresh from the website, but still was flagged for viruses along the way. He smartly contacted Procolored to ask them about the problem. The company informed him it was a false positive, and further encouraged him to install the software. Thankfully Coward didn’t, and instead turned to the internet for more more help on the issue.
It turned out there were quite a few people talking about finding viruses in Procolored’s software, so he brought the problem to Reddit. Thankfully the white-hats were happy to help, and they all reported finding viruses on the software.
One of these heroes, Karsten Hahn, Principle Malware Researcher at G DATA CyberDefense said “I checked the files yesterday and found several files with XRed backdoor and a malicious Coinminer. There is no doubt that several files provided in the download section are malicious.”
While Hahn didn’t find Floxif in the downloadable software, they did discover a backdoor and a trojan cryptocurrency stealer, or clipbanker in the package. The good news is the backdoor pointed to an address that’s unused and out of date, so is likely harmless. The weird thing here is that the clipbanker was new, so he dubbed it SnipVex, and it turns out to be a bit nastier than originally implied.
SnipVex looks as though its primary design is to steal cryptocurrency, but those addresses haven’t been used as far as Hahn could tell, since last year. Instead the current threat here is the ability to infect other files and cause more problems. Thankfully it’s not the most difficult to fix, but it’s still fairly insidious. A quick reinstall is always the best course of action here.
Hahn also notes that while a few of his counterparts on Reddit feel this software was placed intentionally, it seems unlikely. All these old addresses don’t exactly grant the attacker anything. If anything it’s more likely that this has happened as an accident, but Procolored’s response is still very disappointing.
This is a friendly reminder that if something seems pretty suspicious when downloading or installing software, it likely is. Even if it comes with a $6,000 machine. Plus it never hurts to get online and check if your friendly neighbourhood hackers can help investigate these things.
If you’re looking to purchase one of these machines I’d recommend giving Hahn’s breakdown on the viruses a good read. It gives you a better idea of the kind of nefarious things hiding in these software packages, what they can do, and what to look for. Stay safe out there, everyone.
Take your gaming to the next level! The Redragon S101 RGB Backlit Gaming Keyboard is an Amazon’s Choice product that delivers incredible value. This all-in-one PC Gamer Value Kit includes a Programmable Backlit Gaming Mouse, perfect for competitive gaming or casual use.
With 46,015 ratings, an average of 4.6 out of 5 stars, and over 4K+ bought in the past month, this kit is trusted by gamers everywhere! Available now for just $39.99 on Amazon. Plus, act fast and snag an exclusive 15% off coupon – but hurry, this offer won’t last long!
Help Power Techcratic’s Future – Scan To Support
If Techcratic’s content and insights have helped you, consider giving back by supporting the platform with crypto. Every contribution makes a difference, whether it’s for high-quality content, server maintenance, or future updates. Techcratic is constantly evolving, and your support helps drive that progress.
As a solo operator who wears all the hats, creating content, managing the tech, and running the site, your support allows me to stay focused on delivering valuable resources. Your support keeps everything running smoothly and enables me to continue creating the content you love. I’m deeply grateful for your support, it truly means the world to me! Thank you!
|
BITCOIN
bc1qlszw7elx2qahjwvaryh0tkgg8y68enw30gpvge Scan the QR code with your crypto wallet app |
|
DOGECOIN
D64GwvvYQxFXYyan3oQCrmWfidf6T3JpBA Scan the QR code with your crypto wallet app |
|
ETHEREUM
0xe9BC980DF3d985730dA827996B43E4A62CCBAA7a Scan the QR code with your crypto wallet app |
Please read the Privacy and Security Disclaimer on how Techcratic handles your support.
Disclaimer: As an Amazon Associate, Techcratic may earn from qualifying purchases.
