Criminals now spoof scanners and printers to spread malware
Cyber criminals are getting smarter and more resourceful. They are now spoofing hardware accessories to spread their malicious payloads. Recent reports have revealed that some hackers have begun sending malicious emails that trick the user into believing the attachment is coming from the network printer.
Researchers at Barracuda reported attacks of this nature in November 2017, and the Comodo Threat Intelligence Lab detected them in September 2017. Researchers from Comodo detected and analyzed more than 110,000 instances of phishing emails within just the first three days of this September 2017 malware campaign.
The malware had the ability to gain unauthorized access to a user’s computer and conduct covert surveillance. Researchers found that the attackers attempt to infect the victim through email by impersonating HP, Canon, and other brands of printer/scanner devices to earn trust.
“Receiving a PDF attachment in an email sent by a printer is so commonplace that many users assume the document is completely safe,” Barracuda researchers said. “From a social engineering perspective, this is exactly the response that the cyber-criminals want.”
Attackers seem to focus on PDF-oriented malware, as most users think PDFs sent from their printer or scanner are harmless and come from a safe source.
The email subject reads something along the lines of “scanned from HP”, or names any other printer on the network, and the attachment contains the malicious code. The attachment has a modified file name, which lets the attackers hide the malicious code inside the archive while imitating a ‘.pdf’, ‘.jpg’, ‘.txt’ or any other format.
The malware attached to the email is intended to gain access to the victim’s system. It has the ability to monitor activity, change the settings of the system, copy files, and use the bandwidth of the victim’s device.
To prevent these types of attacks, researchers recommend that users double-check with the sender when they receive unexpected files, or delete them; hover the mouse over hyperlinks to ensure they look legitimate; and not click anything suspicious.
Researchers have warned users to double-check before they download anything, even if it comes from a reliable source. Employees should be trained to identify such malicious files beforehand and should be taught about threat protection.
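The following is an added example, not part of the original article or the researchers' tooling: a Python mail-triage check for the lure described above, a scanner-style subject whose attachment is an archive, carries a decoy document extension, or does not match its claimed format. The subject pattern, function names and sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed heuristics for illustration; tune to the mail your own devices send.
SCANNER_SUBJECT = re.compile(r"\bscan(ned)?\b.*\b(from|by)\b", re.I)
DECOY_EXTS = {".pdf", ".jpg", ".txt"}  # formats the article says are imitated
ARCHIVE_MAGIC = {b"PK\x03\x04": "zip", b"Rar!": "rar", b"7z\xbc\xaf": "7z"}
DOC_MAGIC = {".pdf": b"%PDF", ".jpg": b"\xff\xd8\xff"}

def attachment_findings(name: str, data: bytes) -> list[str]:
    """Return reasons an attachment does not look like a genuine scan."""
    findings = []
    exts = ["." + e for e in name.lower().split(".")[1:]]
    # A document extension that is not the last one, e.g. "scan.pdf.zip".
    if len(exts) >= 2 and DECOY_EXTS & set(exts[:-1]):
        findings.append(f"decoy extension before real extension {exts[-1]}")
    # Scan-to-email devices send documents or images, not archives.
    findings += [f"archive ({k})" for m, k in ARCHIVE_MAGIC.items() if data.startswith(m)]
    # File named as a document whose leading bytes say otherwise.
    last = exts[-1] if exts else ""
    if last in DOC_MAGIC and not data.startswith(DOC_MAGIC[last]):
        findings.append(f"content does not match {last}")
    return findings

def analyze(raw: bytes) -> list[str]:
    """Flag suspicious attachments on mail whose subject claims to be a scan."""
    msg = message_from_bytes(raw, policy=policy.default)
    if not SCANNER_SUBJECT.search(msg["Subject"] or ""):
        return []
    out = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        out += [f"{name}: {f}" for f in attachment_findings(name, data)]
    return out

def sample(filename: str, data: bytes) -> bytes:
    """Build a constructed test message (not a captured sample)."""
    m = EmailMessage()
    m["Subject"] = "Scanned from HP"
    m.set_content("Please find the scanned document attached.")
    m.add_attachment(data, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    print(analyze(sample("Scan_0142.pdf.zip", b"PK\x03\x04" + b"\x00" * 16)))
    print(analyze(sample("Scan_0143.pdf", b"%PDF-1.4\n%%EOF\n")))
```

A check like this fits at the mail gateway or in a quarantine-review script; a flagged message should be held for review rather than delivered.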