Procolored printers shipped out with malware-ridden drivers for half a year
Sead Fadilpašić
19 May 2025
Procolored got breached and served its users malware for months
A Chinese printer maker was serving malware with software installations for half a year
The malware included backdoors and crypto stealers
Almost 10 BTC was stolen
Procolored, a major Chinese printer manufacturer, has been inadvertently infecting its customers with backdoors, infostealers, and cryptocurrency stealers for six months. This is according to cybersecurity researchers at G Data, who were tipped off about the supply chain attack by a YouTube content creator, Cameron Coward.
Apparently, Coward wanted to review one of Procolored’s printers and, after trying to install the accompanying software from a USB stick, was alerted to the presence of the Floxif worm. He reached out to the company, which dismissed the warning as a false positive. Unsatisfied with the answer, Coward turned to Reddit, where his thread was picked up by G Data’s researchers.
The team found six of the company’s product lines infected with malware: F8, F13, F13 Pro, V6, V11 Pro, and VF13 Pro. They also determined that the last update of the software was made in October 2024, which means the company was deploying malware for at least half a year before being spotted.
Tens of unique variants
In total, the researchers found 39 malware detections in 20 uniquely hashed executables. There were RATs, trojans, clipboard stealers, and cryptocurrency stealers. One of the wallets allegedly belonging to the attackers received almost 10 BTC, which means the attackers raked in almost a million dollars with just one piece of malware.
It was also said that some of the command-and-control (C2) infrastructure has been inactive since early 2024, while the BTC wallet hasn’t been active since March of the same year. This could signal that the threat actors moved on to other things, which could mean the threat isn’t as pronounced today.
Procolored is a leader in the digital textile printing industry, according to Cyberinsider. The company’s hardware is used in small-scale manufacturing and creative industries, the publication claims, adding that its presence “sent ripples” through the tech and maker communities.
As of May 8, all software was removed from Procolored’s website, and an investigation was launched. The company told G Data that its systems were most likely compromised as well.
Via BleepingComputer