Bitcoin-stealing malware found in Chinese printer driver

[m2017]

Procolored, a Chinese printer maker transferred an infected driver from a USB flash drive and uploaded it to its servers for users to download.

This manufacturer's server rooms are a walk-through yard, where anyone can come in and do anything? The story sounds plausible. Either the person who did this had full access to the servers. Which means it was someone from the employees, whom the security service could have found long ago.

How can you be so sure that a usb flash drive was used?

Not known if it is deliberate or done by a hacker.

A hacker with a usb flash drive? There are many contradictory moments in this story.

Security experts let people know about the malware and they said the malware has been used to steal at least 9.3 bitcoin.

This amount is impressive. Apparently, quite a few people decided to print the seed phrase on printers from this Chinese printer maker.

To be honest, this figure seems too unrealistic to me. I would like to see a more detailed count of these "security experts" and on what basis they made such a conclusion about 9.3 bitcoin.

This is a lesson for those that have bitcoin on an online wallet not to trust anyone or company at all even if the company is reputable. Any file you download can have malware. Also this is a warning for people to have a cold wallet to store huge amount in coins. You can have a device that you will not be using for downloading files, app and others.

Maybe just don't download any files to the PC that is used to use crypto?

P.S. Another post from OP, which should be moved to the Press section.

[Ultegra134]

It seems that you finally woke up to the harsh reality!  Isolating the computer with no internet access is DEFINITELY the best way to go.  The more you will read up on the subject of how easy it is to lose Bitcoin, the more you will be convinced of this.

Not only will you find yourself with an empty wallet, but you may not even realize where the hell the malware came from.  Back in the day before my paranoia, I would have never guessed my wallet can be emptied from what seems to be a legitimate driver.

It does not have to be a sketchy company.  Google used to praise not doing evil, now they changed their mind.  All sorts of people become criminals overnight and you would have never even guessed.  The point of this paranoia is having a safe Bitcoin wallet that offers no head aches.  Because why stress yourself out when you can live in a peace of mind?

Things can go very south even if you are usually very careful.  It is enough to do ONE mistake and it can all be gone.  You may be drunk one night and not realize you are clicking on the wrong website or download link.  Why stress out, I rather be peaceful instead.

Yeah, no shit, haha! I knew it sounded like the best option, but I was still considering buying a hardware wallet. However, due to some incidents I've read about in the past few years, I'm not sure if I'll feel safe enough with one, which is why I'm leaning toward buying a second laptop instead. I always thought as well that it wouldn't or couldn't happen to me, till malware was installed on my computer, which I never figured out where it came from, and luckily I only lost a couple of bucks in XRP. Losing those XRP coins was a disguised blessing, because I was also planning to move a large sum of money as well. Had I done that, I would have also lost over $3,000 in the blink of an eye.

[tabas]

That sucks, a lot of BTC and a million worth of Bitcoins already.

Yeah, no shit, haha! I knew it sounded like the best option, but I was still considering buying a hardware wallet. However, due to some incidents I've read about in the past few years, I'm not sure if I'll feel safe enough with one, which is why I'm leaning toward buying a second laptop instead.

Hardware wallets are safe but of course you've got to choose the reputable one like Trezor. But when I still don't have one before, that's what I did. I've got an old laptop and bought it brand new before and served as my offline wallet and never connected to the internet for so long until I've purchased mine. If your choice is buying a second laptop then make sure that you'll do a fresh reformat on that..

I always thought as well that it wouldn't or couldn't happen to me, till malware was installed on my computer, which I never figured out where it came from, and luckily I only lost a couple of bucks in XRP. Losing those XRP coins was a disguised blessing, because I was also planning to move a large sum of money as well. Had I done that, I would have also lost over $3,000 in the blink of an eye.

That's scary and that's why we need to be careful on what we're installing in the devices that we use to access our crypto funds.

[adultcrypto]

Procolored, a Chinese printer maker transferred an infected driver from a USB flash drive and uploaded it to its servers for users to download. Not known if it is deliberate or done by a hacker. Security experts let people know about the malware and they said the malware has been used to steal at least 9.3 bitcoin.

https://www.mitrade.com/insights/news/live-news/article-3-829357-20250520

This is a lesson for those that have bitcoin on an online wallet not to trust anyone or company at all even if the company is reputable. Any file you download can have malware. Also this is a warning for people to have a cold wallet to store huge amount in coins. You can have a device that you will not be using for downloading files, app and others.

If they can go this far, it means that no one is safe because we use various electronic devices to buy and store bitcoin and other important data and these devices have their chargers which can be corrupted according to the post. It's really disturbing know the extent scammers can go to get their victims.

People like me that is just starting to buy bitcoin to build a bitcoin portfolio, how do we go about cold wallets when our bitcoin is not much and we are still continuously buying?

[Ultegra134]

Hardware wallets are safe but of course you've got to choose the reputable one like Trezor. But when I still don't have one before, that's what I did. I've got an old laptop and bought it brand new before and served as my offline wallet and never connected to the internet for so long until I've purchased mine. If your choice is buying a second laptop then make sure that you'll do a fresh reformat on that..

That's scary and that's why we need to be careful on what we're installing in the devices that we use to access our crypto funds.

Well, hardware wallets are considered safe, but as I mentioned earlier, there have been a few incidents with them, causing major losses in Bitcoin. It would suck believing that you've actually secured your coins, only to one day find your wallet empty. I believe using a second computer is the wisest approach, and why I haven't gone ahead into buying a hardware wallet already, because I still wouldn't feel 100% safe. I'm planning to buy a new PC and wipe my previous laptop to set it up for this exact purpose.

[Davidvictorson]

I bet there is another soon to be discovered, exposed malware stealing people's Bitcoin from just using any of those devices that connects to your device which you have your crypto to other devices. These guys are working real hard to steal what you worked real hard to earn. Therefore, learn what to do to protect yourself and your coins online. And also continue to tell us about these scams as they are exposed also that we can inform those we love.

[aioc]

These scammers and hackers are finding ways to spread their malware. In the article you posted, I read this.

Interestingly, the risk of exploiting and being the target of phishing scams is not the only challenge crypto users face. There have also been increasing physical and violent attacks on known crypto holders and their relatives.

The article mentioned the Paris incident. I think many kidnappers are now making a shift and targeting crypto whales and VIPs because it's easy to get the ransom, you send the money online to a wallet, and there is no need to bring the ransom physically.
So it's malware online and kidnapping offline, two of the risks of holding Cryptocurrency.

[tabas]

Hardware wallets are safe but of course you've got to choose the reputable one like Trezor. But when I still don't have one before, that's what I did. I've got an old laptop and bought it brand new before and served as my offline wallet and never connected to the internet for so long until I've purchased mine. If your choice is buying a second laptop then make sure that you'll do a fresh reformat on that..

That's scary and that's why we need to be careful on what we're installing in the devices that we use to access our crypto funds.

Well, hardware wallets are considered safe, but as I mentioned earlier, there have been a few incidents with them, causing major losses in Bitcoin. It would suck believing that you've actually secured your coins, only to one day find your wallet empty. I believe using a second computer is the wisest approach, and why I haven't gone ahead into buying a hardware wallet already, because I still wouldn't feel 100% safe. I'm planning to buy a new PC and wipe my previous laptop to set it up for this exact purpose.

That's nice, if you have the capacity to do that and what makes you feel safer the way you keep your coins, you'll just have to do what you think is right since you've experienced enough and you've been in this space for quite a while. So, there should be no problem when you do that because you know how to do it. As I've said that I've done that before but because of some needs that I have to use my old laptop for other things and job stuff. So, it's convenient for me to keep and hide my hardware wallet when nobody knows where I am keeping it physically.

[Peanutswar]

Most of the printer nowadays are connected with the network so once any of the devices connected on the network and get infected it will now get easily access, and it seems its an intentional because in terms of security in printer people commonly ignore because its just a printer low for prone of hacking but that kind of overlook small details might reason to lose their money. Also always secure your network create a firewall, use an AV. But wondering why they created a hot wallet using a computer device I guess this considered as red flag already with the user its company device not their own which any problem might cause its not their responsibility at all.

[Sticky Bomb]

It would be better if bitcoiners can have a separate device for dealing with their wallets and exchange accounts which you should never connect to any external service or even have a browser in it. Cold storage and hardware wallets are the best, but In such a situation that they're not available, using separate devices can help to some extent increasing the security of your  funds.