For six months, software downloads hosted on Procolored’s website were infected with malware, leading to a widespread security breach. The infection involved advanced malware families, including a backdoor and a cryptocurrency stealer, and impacted Procolored’s systems and users.
Key points
- The malware infected 39 software files hosted on Procolored’s website over a six-month period.
- Two malware families were identified: a backdoor called XRed and a stealer named CoinStealer.
- XRed can log keystrokes, download payloads, take screenshots, and provide remote shell access.
- CoinStealer targets cryptocurrency wallets and can replace wallet addresses in the clipboard to divert funds.
- The infection likely originated during software transfer via infected USB flash drives, affecting the build process.
Read More: https://www.securityweek.com/printer-company-procolored-served-infected-software-for-months/