New Method for Bitcoin Theft: Malnisse software hidden in printer drivers has been detected
Cyber security researchers have revealed that a malware hidden in some official printer drivers targeted users of Bitcoin wallets. The incident shows that hardware drivers are now becoming a tool of attack.
A new and highly sophisticated cyber threat targeting crypto currency users has emerged. Cyber security researchers announced that they have identified malicious software hidden in the official printer drivers of various brands. This malware aims to steal digital assets by targeting the Bitcoin wallet information of victims. The incident shows that hardware drivers have become a new threat vector in terms of crypto safety.
According to the research, the software in question is difficult to notice in the driver’s files. When users download this driver to install the printer, this malicious software is also uploading to the systems that work in the background without realizing it. The software comes into play, especially by following users’ copy - clipboard transactions. When a Bitcoin address is copied, the software automatically replaces this address with the attacker’s wallet address. Thus, the user is unaware of his own wallet.
One of the most striking aspects of the event is that some of the identified printer drivers were digitally signed by Microsoft. This shows that malware, not only from pirate or suspicious sources, but also through software channels that are officially reliable. Cyber security experts say that such events, software signing systems may be open to attack.
It is estimated that the software has spread over some Chinese software distribution sites and forums. However, the event may be effective on a global scale, because many users integrate such drivers into their systems by downloading such drivers from different platforms.
Cyber security companies warn users only to download drivers from the official websites of printer manufacturers. In addition, it is underlined that the use of a strong antivirus software, the systems should be kept up to date and unknown software should not be loaded. It is emphasized that users should carefully check their wallet addresses before each process.
Microsoft said in a statement on the issue, canceled the digital signature of the harmful driver and Windows Defender threat detection database was updated. While the incident brought the importance of cyber security in the crypto currency world once again, he showed that hardware components should no longer be considered as potential threat sources, not only supportive elements.
