The official printer driver of Procolored, a subsidiary of Tiansheng, was infected with a virus. The code contained a backdoor program that was used to steal cryptocurrency Malicious software replaced the cryptocurrency wallet address in the clipboard when copied to an attacker’s wallet (the so-called clipper virus). The number of of bitcoins stolen by hackers reached 9.3 BTC, which is almost $1 million at the time of writing.
The attacker’s address 1BQZKqdp2CV3QV5nUEsqSg1ygegLmqRygj was active from April 22, 2016, to March 14, 2024.
The infection occurred via a flash drive with malware. After the backdoor infection, Tiansheng placed the drivers with the virus on a network drive for global users to download.
The hijacker’s address may be linked to several other incidents, as this type of Trojan has been infecting various programs for almost 8 years.
Source: MistTrack
Spelling error report
The following text will be sent to our editors: