Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Wednesday January 03 2018, @04:55AM   Printer-friendly
from the You've-got-mal-mail! dept.

Cyber-criminals are spoofing scanners by the millions to launch attacks containing malicious attachments that appear to be coming from the network printer.

Barracuda researchers first witnessed the initial attack in late November 2017 and said the attachment provides the attackers with the ability to initiate covert surveillance or gain unauthorised access to a victim PC backdoor into the victim PC, according to a 21 December blog post.

[...] “Receiving a PDF attachment in an email sent by a printer is so commonplace that many users assume the document is completely safe,” researchers said in the blog. “From a social engineering perspective, this is exactly the response that the cyber-criminals want.”

[...] The emails subject read something like “Scanned from HP”, “Scanned from Epson”, or “Scanned from Canon,” while containing a malicious file attachment with anti-detection techniques such as modified file names and extensions inside the traditional file archive, which allows attackers to hide the malicious code inside the archive, imitating a ‘.jpg', ‘.txt' or any other format.

The malware in the attachments was designed to gain unfettered access to a user's device including the ability to monitor user behaviour, change computer settings, browse and copy files, [and] utilise the bandwidth to victim's devices.

Source: https://www.scmagazineuk.com/criminals-spoof-scanners-and-printers-by-the-millions-to-spread-malware/article/733793/


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2, Interesting) by Anonymous Coward on Wednesday January 03 2018, @01:46PM (1 child)

    by Anonymous Coward on Wednesday January 03 2018, @01:46PM (#617144)

    What admin leaves a system configured to hide known extensions?

    Starting Score:    0  points
    Moderation   +2  
       Interesting=1, Underrated=1, Total=2
    Extra 'Interesting' Modifier   0  

    Total Score:   2  
  • (Score: 4, Informative) by Grishnakh on Wednesday January 03 2018, @04:44PM

    by Grishnakh (2831) on Wednesday January 03 2018, @04:44PM (#617205)

    Most of them, I think, but that has been a vector for malware for as long as I can remember Windows being around, so anyone who still does that deserves whatever happens to them.