TechFlow, May 19 — According to BleepingComputer, Shenzhen-based printer manufacturer Procolored (Tiansheng Intelligence) has been found to have shipped its official software containing a remote access trojan and cryptocurrency stealer for at least six months.
Researchers from cybersecurity firm G Data discovered two types of malware—XRedRAT and SnipVex—embedded in the companion software for at least six of the company's printer models. SnipVex is capable of infecting .EXE files and replacing Bitcoin addresses in the clipboard. The cryptocurrency address used to receive stolen funds has received approximately 9.308 BTC, worth nearly $1 million at current exchange rates.




