December 27, 2017 by

Cybercriminals Spoof Millions of Printers, Scanners to Spread Malware

Security researchers have discovered cybercriminals spoofing millions of scanners to launch attacks containing malicious attachments.

Cybersecurity researchers at Barracuda first witnessed an early attack in late 2017 wherein the attachment provided attackers to begin covert surveillance or gain unauthorized access to a victim PC via a backdoor. It wasn’t long before researchers spotted millions of attempts to infect unsuspecting users via email.

“The attackers have chosen PDF generating devices because PDF files can be weaponized to deliver active contents which can be harmful to users,” Barracuda researchers wrote. “Receiving a PDF attachment in an email sent by a printer is so commonplace that many users assume the document is completely safe.  From a social engineering perspective, this is exactly the response that the cybercriminals want.”

Typically, the malicious emails’ subject line would typically read “scanned from HP” or “Scanned from Epson” or “Scanned from Canon” while containing malicious files with anti-detection techniques. The malware is triggered when the user clicks on the attachment as configured communication protocols are established during the initial infection. The backdoor into the PC enables unrestricted access to the malicious cybercriminal who gains the ability to monitor user behavior, change computer settings, browse and copy files, utilize the bandwidth (Internet connection) for possible criminal activity, access connected systems, and more.

Researchers recommend double-checking with the sender to ensure that they really intended to send the document. Hovering the mouse over every single hyperlink is also an effective method of ensuring it is a legitimate link. Further, employees ought to be regulatory trained and tested to increase their security awareness, researchers state, to increase their awareness of attack vectors like phishing attempts. ‘Simulated attack training is by far the most effective form of training,” researchers added.

Image credit: Pixabay.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Popular Freeware Site Found Hosting Bitcoin Stealing Malware

A dangerous bitcoin stealing malware that swaps user accounts with that of the attacker was...

Read more arrow_forward

47 Million Emails/Day: Necurs Botnet Launches Massive Ransomware Campaign

A cybersecurity firm has revealed it has blocked as many as 47 million emails per day spewed by the...

Read more arrow_forward

This Android CryptoMining Malware is Capable of Destroying Android Phones

Cybersecurity researchers have discovered a “jack of all trades” cryptocurrency mining malware...

Read more arrow_forward